Amanda Martin (Portsmouth North) (Lab)

- View Speech - Hansard -

Copy Link

-

I want to start by saying happy new year to you, Madam Deputy Speaker, to the staff, to all in this House and to the residents of Portsmouth.

I thank the Minister for his introduction to the Bill and for highlighting some of the major concerns that cyber-insecurity has caused and continues to cause for this country. I welcome the Cyber Security and Resilience (Network and Information Systems) Bill because it reflects a clear change of direction under a Labour Government, moving from a fragmented and often reactive approach to a cyber-security approach that is strategic, cross-Government, resilient and focused on national capability and everyday solutions. We have heard it said many times in this House that the first duty of any Government is to protect their citizens, and in the modern world that duty must extend to the digital systems we all rely on.

Cyber-attacks now pose a daily threat, not just to Government systems but to the livelihoods and security of people in Portsmouth, where major employers, manufacturers, ports and supply chains are attacked and the consequences are immediate and personal. Production can stop overnight, wages can be put at risk and sensitive personal data can be exposed. Constituents in my city who work for, supply or depend on companies such as Jaguar Land Rover have seen this reality at first hand. When large engineering, retail and manufacturing firms are targeted, the impact ripples far beyond their head offices, reaching workers on the shop floor, contractors, small local suppliers and customers whose orders are delayed or cancelled.

For a city like Portsmouth, which is built on defence, maritime work, engineering skills and complex supply chains, cyber-resilience is not an abstract policy or a technical exercise; it is about protecting jobs, safeguarding family incomes, maintaining confidence in the systems that keep our city working, ensuring the security of the public services people depend on every day, and ensuring that our city’s residents are kept safe. Portsmouth city council has been a target. In late 2024, its website was hit by a cyber-attack called a distributed denial of service—DDOS—attack by a pro-Russian hacking group. The attack made it difficult for residents to access council services online for a period of time. Fortunately, no personal or council services were compromised, but the attack demonstrated that even local public infrastructure in places such as Portsmouth is a target for cyber-actors. This is not just an abstract risk.

Local crime statistics show that cyber-crime is a lived experience for Portsmouth residents. About 16% of residents reported experiencing cyber-crime in a 12-month period, including phishing attempts, online fraud and accounts being hacked. As my hon. Friend the Member for Harlow (Chris Vince) noted, not all these crimes are reported as people feel embarrassed, alone or foolish. That is how these crimes continue to proliferate through our society. Local police crime figures also show significant levels of harassment, malicious communications and other online offences that are often instigated through cyber-attacks. These are not just techie problems; they translate into financial losses, practical inconveniences and, most alarmingly, psychological harms and in some cases people attempting to take their own lives because of the damage that has been caused.

Yes, there is an economic cost to cyber-crime, but there is also a human cost, and that is why this Bill matters. It modernises the UK cyber-security framework by strengthening baseline requirements, improving instant reporting and extending protections to a wider range of essential services and supply chains. Its three pillars are welcome. It recognises that weaknesses in one organisation can rapidly cascade across the entire economy, whether it is through the actions of cyber-criminals or hostile foreign actors. It recognises that cyber-crime is real and its effects devastating.

This is not just about big business; as we have heard, cyber-attacks disrupt NHS appointments, threaten energy and water supplies, and prevent people from living their daily lives. Last year alone, 11,000 NHS appointments were lost due to cyber-attacks, and since 2024 at least five direct cyber-attacks have been targeted at UK water supplies—one of them targeted at Southern Water. In 2025, it was reported that 62% of UK energy organisations experience cyber-attacks.

Crucially, Labour recognises that cyber-security is not only a technical issue, but a workforce and economic one. Clearer standards and stronger oversight give businesses the confidence to invest, raise resilience across the economy and ensure that organisations are not left to face increasingly sophisticated threats alone. The Bill rightly ensures that breaches are reported swiftly within 24 hours, because pace and speed are vital if we are to minimise the domino effect of cyber-crime.

The Bill rightly gives regulators the flexibility and powers they need to act as new threats emerge. That comes with the assurance of resources and transparency, as well as a more consistent strategy, evidence and wider clarity. That is particularly important for Portsmouth. Our city is home to the Royal Navy, with one of Europe’s most significant naval bases sitting alongside a major commercial port, advanced engineering and manufacturing activity and a university that recognises expertise in cyber-crime and digital security. When our city was blitzed in the second world war, we could see it and act on it. Cyber-crime needs to be brought into the light in the same way, so that we can all act on the attacks that are happening and create a different culture in which people do not hide and are not embarrassed to say what has happened to them, their businesses or their community.

Portsmouth already plays a vital role in our national security and industrial base. It is not just a target, but a part of the solution. I am proud that the University of Portsmouth is recognised as a centre of cyber-expertise, with leading research and collaboration on cyber-crime, digital security and economic crime. Its centre for cyber-crime and economic crime brings together multidisciplinary experts studying cyber-crime courses, prevention and resilience, and it works with community groups, schools and local businesses to raise awareness and protect people from cyber-crime. The university also conducts advanced research into cyber-security systems and threat detection through computing and behavioural science, helping to develop real-world solutions that improve organisation and national resilience. These efforts not only support local households and employees, but grow the skilled cyber workforce that the UK needs, which links directly to the economic and security objectives of the Bill.

The Bill lays the foundations for a more secure and resilient Britain, and I am pleased to support its Second Reading. In doing so, I seek reassurances and clarity from the Minister on four key points. First, how will the whole of Government work together to ensure that Portsmouth, with its defence, maritime and manufacturing base alongside thousands of small businesses, local services and the public sector, is supported to benefit fully from the Bill? Secondly, how will the Government work with and reach all employers to strengthen knowledge and skills, long-term economic resilience, accountability and responsibility? Thirdly, how will the Bill be linked to investment in cyber-skills and training, so that we are not left without the people needed to make the changing world an easier place to live?

Finally, how can we ensure that this is just the start of the conversation? How can we use the Bill to help change the culture around cyber-attacks so that individuals and organisations can, yes, take responsibility and ownership, but in a supportive environment, rather than one that lays blame? How can we as MPs across the House encourage openness among our constituents, small businesses, large employers and the public sector alike, so that together we can carry out the Government’s first duty, which is to protect their citizens in a modern, ever-changing world?