UK Export Finance: Contingencies Fund
Chris Bryant Excerpts(1 week, 3 days ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister of State, Department for Business and Trade (Chris Bryant)
The Export Credits Guarantee Department—operating as UK Export Finance—is seeking a repayable cash advance from the Contingencies Fund, following budget changes to an IT project to improve its transaction record systems. This is essential to meet the operational needs of the Department and its work supporting exporters.
Parliamentary approval for additional capital of £2,728,000 will be sought in a supplementary estimate for the Export Credits Guarantee Department. Pending that approval, urgent expenditure estimated at £2,728,000 will be met by repayable cash advances from the Contingencies Fund.
The cash advance will be repaid following Royal Assent to the Supply and Appropriation (Anticipation and Adjustments) Bill.
[HCWS958]
Bus and Lorry Tyres
Chris Bryant Excerpts(1 week, 4 days ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister of State, Department for Business and Trade (Chris Bryant)
Following EU exit, the UK transitioned over 43 trade remedy measures. These measures were originally applied on behalf of all 28 member states, including the UK, by the European Commission. Two of these 43 measures were anti-dumping and anti-subsidy measures on imports of certain bus and lorry tyres of Chinese-origin.
The UK committed to conduct transition reviews of all 43 measures to ascertain whether the measures are appropriate for the UK market, including whether they should be extended or terminated. As the UK’s independent trade remedies investigatory body, the Trade Remedies Authority is responsible for the conduct of transition reviews. The TRA makes evidence-based recommendations to the Secretary of State. The Secretary of State carefully considers their conclusions, the evidentiary basis and relevant matters in the public interest before deciding whether to extend or terminate existing UK measures, such as those 43 the UK transitioned from the EU.
In 2022, the European Commission lost a legal challenge brought by Chinese industry, challenging the anti-dumping and anti-subsidy measures that the EU had in place on bus and lorry tyres of Chinese-origin. The methodology underpinning the EU’s measures on behalf of the 28 member states was found to be flawed. The European Commission reopened both investigations and in 2023 recalculated the duties, backdating the effect to remedy the issue. The new duties applied only on behalf of the 27 member states as the UK had already exited EU.
The UK was unable to take comparable action without a review of the measures. On 3 May 2023, the TRA initiated the transition reviews of our anti-dumping and anti-subsidy measures on imports of bus and lorry tyres of Chinese-origin. Through the transition review, the TRA received compelling evidence supporting a recalculation of the anti-dumping and anti-subsidy duties inherited from the EU.
Following a consideration of the evidence provided to it by domestic and foreign interested parties, the TRA recommended to the Secretary of State that both measures be extended for a further five years. The TRA also recommended that certain duties be increased, whereas others should be decreased. Domestic legislation limited the TRA to being able only to recommend that these new duties be applied from the original date of expiry of both measures—23 October 2023 for the anti-dumping measure, and 13 November 2023 for the anti-subsidy measure.
While the Secretary of State accepted the basis of the TRA’s recommendation to extend both measures and amend the duties, the Secretary of State believed that the amended duties should be applied from different dates. The Secretary of State believed that it is in the public interest and the reasoning was as follows:
For those duties the TRA recommended be increased, the Secretary of State decided to apply these prospectively from the day after the public notice was published—1 August 2025. This is because applying the increased duties prospectively is in accordance with World Trade Organisation rules on prospectivity and represented a fair outcome for the affected UK importers. The Secretary of State also does not anticipate the TRA finding itself in this situation again—the issue was driven by the original EU duties being found to be flawed. The TRA has almost completed all transition reviews of those 43 measures the UK originally inherited.
For those duties the TRA recommended be decreased, the Secretary of State decided to apply these from 1 January 2021. This was to remedy the fact that the UK inherited duties from the EU that were subject to a successful legal challenge by Chinese industry in 2022. This again represented a fair outcome for UK importers.
The Government published a public notice on 31 July 2025 to give effect to the Secretary of State’s decision from 1 August 2025.
[HCWS934]
UK-Greenland Partnership, Trade and Co-operation Agreement
Chris Bryant Excerpts(1 week, 4 days ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister of State, Department for Business and Trade (Chris Bryant)
The UK and Greenland agreed to resume negotiations on the UK-Greenland Partnership, Trade and Co-operation Agreement at the European Political Community summit in Copenhagen on Thursday 2 October.
This partnership provides a strong commitment to enhance our bilateral trade relationship with Greenland and develop a deeper relationship with all parts of the Kingdom of Denmark to deliver a more prosperous and secure Arctic.
Greenland has historically been an important exporter of seafood to the UK, exporting approximately £211 million of seafood to it between 2022 and 2024. The deal could also support the UK’s seafood processing industry, which employed nearly 16,000 people in 2024.
It will also lead to tariff savings on seafood and fish imports tariffs of up to 20% from Greenland for UK processors, supermarkets, catering businesses and restaurants, which could be passed on to consumers.
Once negotiated, this will be Greenland’s first bilateral free trade agreement. There is a strong case for resuming talks and concluding the deal to consolidate and deepen the UK’s economic and geostrategic relationship with Greenland, including working more closely on critical and rare earth minerals co-operation.
The Government will continue to update and engage with stakeholders while we look to conclude negotiations with Greenland.
[HCWS936]
UK-US Trade
Chris Bryant Excerpts(1 week, 4 days ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister of State, Department for Business and Trade (Chris Bryant)
The UK and US have met to continue talks on the UK-US economic prosperity deal in London, Washington DC and virtually during August and September 2025.
The UK has continued to engage across the range of issues outlined in the general terms for the UK-US economic prosperity deal agreed in May. This has included discussions on digital and technology, tariff and non-tariff barriers, as well as on the US tariffs levied on products subject to section 232 investigations.
During the state visit of the President of the United States, the UK and US announced the technology prosperity deal that builds on the EPD. The first ever UK-US tech agreement is focused on developing the fastest growing technologies like AI, quantum, and nuclear. The deal will bring new healthcare breakthroughs, clean home-grown energy, and more investment into local communities and businesses in Britain and the United States.
Last month, the United States confirmed that the UK will not face an increase in steel and aluminium tariffs to 50% and will remain the only country in the world to benefit from a preferential 25% rate on steel, aluminium and derivative exports to the US, thanks to the EPD. This provides the certainty that UK industry has long been calling for. We continue to work closely with our US counterparts to reduce tariffs further and secure the best possible outcomes for UK manufacturers.
Also as a result of the EPD, the UK has received preferential treatment for lumber products, with the lowest tariff rate of any country in the world at 10%. Other countries face tariffs of up to 50%.
Intensive discussions are continuing on other sectors under section 232 investigation, including pharmaceuticals and semiconductors, towards the significantly preferential outcome provided for under the general terms.
The US is the UK’s largest single country trading partner with a trading relationship worth some £315 billion last year. UK firms employ some 1.2 million US workers while 1.4 million people work here in the UK for American companies. We have £1.2 trillion invested in each other’s economies. The EPD will continue to deliver on saving thousands of jobs, protecting key British industries, and helping to drive economic growth.
[HCWS935]
Turkey Enhanced Free Trade Agreement: Round 2 Negotiations
Chris Bryant Excerpts(1 week, 4 days ago)
Written StatementsRead Full debate Read Hansard Text Read Debate Ministerial Extracts
The Minister of State, Department for Business and Trade (Chris Bryant)
The second round of negotiations on an enhanced free trade agreement with Turkey took place in London during the week commencing 15 September 2025.
Economic growth is our first mission in Government and FTAs have an important role to play in achieving this. A stronger trade relationship with Turkey will contribute to jobs and prosperity in the UK, with total trade between the UK and Turkey standing at around £28 billion in 2024.
Negotiations were productive, with positive progress being made in a number of areas:
Trade in services
Constructive discussions were held on a range of key technical areas, including digital trade, financial and professional business services, as well as investment. The UK continues to seek commitments that will support opening new opportunities for services trade, which is not covered by the existing UK-Turkey FTA.
Trade in goods
Turkey is a significant trading partner for the UK—our 16th largest trading partner in 2024. In that period, UK goods exports to Turkey were worth more than £6.1 billion. During the second round of negotiations both sides discussed priorities for building on this baseline, and potential areas of growth. Talks focused on text proposals, as well as discussion of goods trade data covering recent years.
Sustainability and collaboration
The round included further talks on environment, labour, and anti-corruption provisions, building on initial conversations held in Ankara during the first round of negotiations. Both sides continued to assess scope for areas of co-operation, including reaffirming relevant international commitments and building on identified shared priorities.
Additional areas
Positive talks were also held on dispute settlement, intellectual property, Government procurement, customs, and consumer protection; productive initial discussions on trade remedies and good regulatory practice also helped build a shared understanding of both countries’ initial positions.
The UK will only ever sign a trade agreement which aligns with the UK’s national interests, upholding our high standards across a range of sectors, including protections for the national health service.
The third round of negotiations is expected to take place in late autumn of 2025. Ministers will update Parliament on the progress of discussions with Turkey as they continue to progress.
[HCWS933]
Jaguar Land Rover Cyber-attack
Chris Bryant Excerpts(1 month, 2 weeks ago)
Commons ChamberRead Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Urgent Questions are proposed each morning by backbench MPs, and up to two may be selected each day by the Speaker. Chosen Urgent Questions are announced 30 minutes before Parliament sits each day.
Each Urgent Question requires a Government Minister to give a response on the debate topic.
This information is provided by Parallel Parliament and does not comprise part of the offical record
The Minister of State, Department for Business and Trade (Chris Bryant)
Thank you, Mr Speaker. I fully recognise the anxiety and deep concern that employees at Jaguar Land Rover and across the supply chain will be feeling. The Government and the National Cyber Security Centre will do everything in our power to help resolve this as soon as possible. We are engaging with JLR on a daily basis to understand the challenges that the company and its suppliers are facing, and we are monitoring the situation closely. I have spoken to the company myself, and I will have a further meeting with the chief executive officer later this week. I understand that the company has also invited local MPs to a question and answer session this Friday.
The National Cyber Security Centre has been working with Jaguar Land Rover since last Wednesday to provide support in relation to the incident. I am sorry that there is a limit to what I can say on the specifics because I do not want to prejudice the ongoing investigations.
The cyber-security of the UK, however, is a key priority for the Government—crucial to protecting the public, our way of life and the successful growing economy. We have been taking significant action to help protect businesses against cyber-attacks. We are reducing cyber-risk across the economy by making technology more secure by design. That includes the Product Security and Telecommunications Infrastructure Act 2022, introduced by the previous Government, which requires manufacturers to build security into the manufacture and operation of internet-connected devices; the software security code of practice, which sets out how vendors and developers should make their software more secure; and the AI cyber-security code of practice, which sets out how AI developers should design and operate AI systems securely.
We are also providing businesses with the tools, advice and support to protect themselves from cyber-threats. That includes the cyber governance code of practice, which shows boards and directors how to effectively manage the digital risks to their organisations; the highly effective cyber essentials scheme to prevent common attacks, reducing the likelihood of a cyber insurance claim by 92%; and a wide range of free tools and support from the National Cyber Security Centre, including training for boards and staff, the “Check Your Cyber Security” tools to test IT systems for vulnerabilities, and the early warning system to get notified about cyber-threats to networks. I urge all businesses to take up these tools and improve their cyber-defences.
It is not for me to announce future business of the House, but when parliamentary time allows the Government will introduce the cyber-security and resilience Bill to raise cyber-security standards in critical and essential services, such as energy, water and the NHS.
Derek Twigg
I am grateful to you, Mr Speaker, for granting this urgent question—as a north-west MP, you know what a large employer JLR is in the region. As we have heard, this serious cyber-attack on Jaguar Land Rover has stopped production and halted sales, and staff have been instructed to stay at home. The car plants at Halewood in my constituency and in Solihull, and other production facilities around the world, have been unable to operate. From what has been reported, JLR shut down its IT systems in response to the attack. I believe that dealerships have been unable to register new cars and—initially, at least—garages that maintain JLR vehicles were unable to order the parts they needed.
The JLR Halewood plant in my constituency is an important and valued employer. Many of my constituents are employees, which is also the case for my neighbouring Merseyside MPs. Thousands of jobs in the supply chain have been affected. I am disappointed that despite the cyber-attack happening just over a week ago to one of our most important businesses, which has nearly 33,000 direct employees and, of course, a huge supply chain, no statement has been made to Parliament on what actions have been taken to help the company or to prevent future attacks.
The latest attack raises wider issues following on from the attack on Marks & Spencer. The two instances in themselves are very worrying. One would like to believe that all companies reviewed their cyber-security after the M&S attack. If these attacks continue, there could be an ongoing and even more serious effect on our economy. What are the Government doing to help protect our businesses from cyber-crime? I have heard what the Minister has said today, but it is in our national security interest for them to work closely with business. Is there an underlying weakness in how business is dealing with cyber-security? In that regard, we heard from Ciaran Martin, former head of the National Cyber Security Centre, on the “Today” programme this morning, suggesting that companies are perhaps focusing more on protecting customer data at the expense of the security of their operations.
This House needs to hear more in the coming months about what the Government are doing to work with business and to help prevent these attacks being successful, because they are a threat to our economy and to national security.
Chris Bryant
First, I commend my hon. Friend on seeking this urgent question and you, Mr Speaker, on granting it. My hon. Friend makes the important point that Jaguar Land Rover is not only an iconic national brand, but a very significant employer—it employs 34,000 people in the UK, including in his constituency, and 39,000 worldwide. He is right that we need to ensure that cyber-security is something that every company in the land take seriously, and every public sector organisation. In my previous ministerial role I was conscious of the attack on the British Library, which was actually one of the most financially significant attacks heretofore, and it pointed the way for some of the other issues arising across the economy, which is why we have been keen to bring forward a Bill on this, as stated in the King’s Speech. We will introduce such a Bill “soon”—I think I can get away with that with the Chief Whip and the Leader of the House, although, in the words of Humpty Dumpty, when I use a word it means precisely what I choose it to mean, no more and certainly no less. As my hon. Friend says, there are serious issues that we need to address across the whole of the economy to ensure that we get this right.
My hon. Friend pointed to one person; I point to another—Richard Horne, the chief executive officer of the National Cyber Security Centre—who recently stressed that the UK faces increasingly hostile activity in cyber-space. We simply cannot afford any degree of complacency in this. There are major criminals operating in this space, as well as some malicious state actors, and some 40% of companies in the UK reported last year that they had faced some kind of cyber-attack. It is a very important issue that we take seriously.
Dame Harriett Baldwin (West Worcestershire) (Con)
I congratulate the hon. Member for Widnes and Halewood (Derek Twigg) on securing this important urgent question. I welcome the Minister to his new role, although I will never be able to rival his literary quotations.
This attack on Jaguar Land Rover is extremely concerning. The impact on that world-leading business, and on its suppliers and workers, has been significant. I hope that the whole House agrees that we must use the full force of the state to crack down on cyber-criminals. I appreciate that the Minister is constrained in what he can say, but when were the Government and the National Cyber Security Centre informed of the attack? What kind of support are the Government and law enforcement agencies able to offer Jaguar Land Rover? How much longer do the Government expect the disruption, which is impacting on the supply of vehicles, to continue?
The attack is just another in a series against British brands and iconic institutions—the Minister says that 40% of our businesses have been affected—including the attack earlier this year on Marks & Spencer. Will he elaborate on what the Government are doing to prevent future attacks? Has he identified who is responsible for the attack? Can he rule out its being a state-sponsored attack? If the group responsible for the attacks on Jaguar Land Rover and Marks & Spencer are linked, what progress have law enforcement agencies made in pursuing them?
Chris Bryant
I am not sure whether the shadow Minister is in a new role—
Chris Bryant
She is not; I will not welcome her to her new role, then—I welcome her to the Dispatch Box none the less. She asked a series of questions, and I will try to answer those that I can as precisely as possible.
First, the shadow Minister asked when the NCSC was notified and engaged. It has been engaged since last Wednesday. We have an undertaking that when people get in touch with the NCSC, the response will be very immediate.
The shadow Minister asked what engagement there is from the Government. The primary engagement is through the NCSC, which is fully engaged and devoted to the work. It is also in the public domain that the Information Commissioner’s Office was notified. I should clarify that that was not because JLR was certain that there had been a data breach, but it wanted to ensure that it had dotted every i and crossed every t, which is why it notified the Information Commissioner’s Office.
The shadow Minister asked about a timeline for getting this resolved. I wish that I could provide one, but I cannot. I think she will understand why: this is a very live situation that has been ongoing for a week. I note the points that JLR has been making. As I say, there will be an invitation for all local MPs—my hon. Friend the Member for Widnes and Halewood (Derek Twigg) should already have had one—for a Q&A session on Friday morning, when JLR hopes that it will be able to provide more information.
The shadow Minister asked what else we are doing. This summer, the Home Office undertook a consultation on our policy on ransomware. I am not saying that that relates specifically to this case—we do not know that yet and I am not coming to any foregone conclusions—but that is one of the things that we must address, and it was heartening to see resolute support from the vast majority of companies in the UK for our ransomware policy. Maybe we will come to that later.
The hon. Lady asked whether I can say who is responsible. I am afraid that I cannot. I note what is in the public domain, but I have no idea whether that is accurate and I do not want to impede the investigation. She asked whether the attack was state sponsored. Again, I do not want to jump to conclusions, and I can neither confirm nor deny anything. She also asked whether the case is linked with that of M&S. Again, I cannot answer that as fulsomely as I would wish, simply because I do not know, and I do not think anybody has come to any secure decisions on that. In one sense, all cyber-attacks are linked, in that it is the same problem, which is relatively new. The previous Government were seeking to tackle it, and we are seeking to tackle it in broadly the same way. Some of the techniques used are remarkably old-fashioned, such as ringing up helplines, which are designed to be helpful. That is exactly the same as when News of the World was ringing up mobile companies and trying to get PINs to hack other people’s phones. This is an old technique. The new bit is that sometimes people use AI-generated voices, which are remarkably accurate and can lead to further problems. I am not saying that that is what happened in this case, but some of the patterns are across the whole sector.
Liam Byrne (Birmingham Hodge Hill and Solihull North) (Lab)
I congratulate my hon. Friend the Member for Widnes and Halewood (Derek Twigg) on securing this urgent question, and warmly welcome the Minister to his new role. This is an extraordinarily serious issue, and the Business and Trade Committee will soon table its recommendations on tackling economic harms such as this. Many companies such as JLR now confront a much bigger threat surface, and the peril of state-backed threats. That is why this will be a much bigger issue in the future, and why companies in this country will need more than new laws. They will need new investment incentives to clean up legacy infrastructure that is currently not safe enough.
When we took evidence from Archie Norman and Marks & Spencer in the wake of that cyber-attack, we were given a distinct impression that more could have been done by agencies to help M&S. Will the Minister reassure the House that all the lessons from how the M&S case was handled have been learned, and that the state will bend over backwards to ensure that JLR has every assistance it needs to get back up and running, and to prosecute the guilty?
Chris Bryant
The single most important thing we can do is ensure that we end up prosecuting the guilty and that people are sent to prison, such as the gentleman—well, the person—in the United States of America who was recently sent down for 10 years as part of one of these networks, which was important. I am a Minister in the Department for Business and Trade, but the Minister for Security, my hon. Friend the Member for Barnsley North (Dan Jarvis), and the Under-Secretary of State for Science, Innovation and Technology, my hon. Friend the Member for Vale of Glamorgan (Kanishka Narayan), who is on the Front Bench, are actively engaged in these discussions, and we must ensure a cross-Government approach. I look forward to what we will hear from the Business and Trade Committee. I was intrigued by what my right hon. Friend was saying about investment incentives, and I hope he might come up with some clever idea that we could put into practice once he has produced his report.
On the main point about whether we have learned all the lessons from M&S, I certainly think we have. I have read Archie Norman’s evidence to the Committee, and I hope that M&S has also learned the lessons that he laid bare. I hesitate in trying to make too immediate a connection between one case and another, because as my right hon. Friend will know, I do not want to prejudge what has happened in this particular set of circumstances.
Clive Jones (Wokingham) (LD)
I welcome the Minister to his new role. There has been a spate of cyber-attacks on important UK companies such as Jaguar Land Rover, on supermarkets and on the Legal Aid Agency. What are the Government doing to restore public and, just as importantly, international trust in the UK’s cyber-security networks? Do the Government think that the attacks have come from overseas?
Chris Bryant
That is the second time I have been asked whether this attack has come from overseas, although I suppose that is a slightly different question from one about state actors. Again, I am not going to prejudge the investigation—I can tell that the hon. Gentleman knows that, because he is smiling. He referred to UK companies, but were I speak to any of my counterparts in Europe, or in most countries in the world, I would find that they are going through exactly the same issue. Qantas, Pandora, Adidas, Chanel, Tiffany & Co., Cisco—all those companies have had major attacks over the past months, and unfortunately that is simply a part of modern business. It is a despicable practice and a set of criminal actions. We must prosecute those who are responsible and ensure that they go to jail for a very long time, so that we can protect our industry in the UK, and co-operate with other international agencies to ensure that we do the same around the world.
Maria Eagle (Liverpool Garston) (Lab)
I congratulate my hon. Friend and neighbour the Member for Widnes and Halewood (Derek Twigg) on securing this urgent question. I used to represent the Halewood plant until boundary changes, and hundreds of my constituents work at that plant, with many more working in supplier companies. They are at home and being paid at the moment, but The Sunday Times reported that prospects of a quick end to the saga are limited, and that the worldwide shutdown is costing £72 million a day in lost sales. Despite requests, local MPs have had no meaningful information from the company, although we have a 30-minute Zoom call on Friday, which is a start. What can the Government do to ensure that this disaster is brought to a close as soon as possible? These attacks threaten our economy and our national security, so what help can the Minister offer the company and my constituents at this worrying time? Things do not seem to be getting any better.
Chris Bryant
I pay tribute to my right hon. Friend for all the work that she and I did together, particularly on space, in my old job and in hers. She was an excellent Minister to do business with, and I slightly fear having her on the Back Benches as she is a very redoubtable person. Many suppliers, including Evtec, WHS Plastics, Sertec, OPmobility and a series of others, are in an even more complex situation than Jaguar Land Rover, and I will try to co-ordinate the activity that we are doing in our Department to ensure that we provide every possible support to them. I note the tone in which my right hon. Friend said that MPs were getting a half-hour Zoom call on Friday. I will try to ensure that all MPs get the support they need, so that they can do the job of reassuring their constituents. Earlier today I made that point forcibly to JLR, and as I say, I intend to have a meeting with its chief executive later this week. When I possibly can I want to keep MPs updated, either individually in constituencies, or the whole House.
Sir Edward Leigh (Gainsborough) (Con)
I congratulate the hon. Gentleman on surviving the reshuffle. This Minister adds to the general merriment of the nation, so we will miss him when he’s gone—[Laughter.] We’re all mortal. May I ask a serious question about the public sector? As it happens, I am an enthusiast for the Prime Minister’s idea of a national digital ID card as a means of countering illegal working, but it raises a whole new spectre if tens of millions of people have an ID card on their mobile phone in their pocket and malign forces—Russia and elsewhere—seek to attack us. What work are the Government doing with their Bill and in the National Cyber Security Centre to try to get this right?
Chris Bryant
The right hon. Gentleman is right on two points, and to take his point a little further, data is a wonderful thing—a gold mine, in many ways—but it is also a potential vulnerability. We must ensure that if we take people into a digital future, with digital ID cards—I am not saying that we are, but if we were to go down that route; or wherever we go, for instance with a digital driving licence, which we will have soon—we must ensure that it is safe, secure, and that people’s data is not imperilled.
I do not know what the right hon. Gentleman meant about me surviving. I love him too.
Sonia Kumar (Dudley) (Lab)
I warmly welcome the Minister to his place. In the light of the cyber-security breaches survey published in April 2025, which reported that 43% of businesses and 30% of charities experienced a cyber-attack last year, what steps is he taking to strengthen national cyber-security? How are the Government working with businesses and charities to improve prevention and ensure better intelligence-sharing, as a matter of national security?
Chris Bryant
I am grateful to my hon. Friend, who is on the Business and Trade Committee, which I will be before next week, I think. On ransomware, one of the questions is whether we know the full extent of what is going on in the UK. That is why we have suggested mandatory reporting. It is interesting that more than 70% of businesses in the UK agreed with what was in the consultation that the Home Office produced in the summer, and I hope that we can introduce further measures when the Bill comes forward. I have referred to some of the means of providing support to businesses up and down the land, but I am happy to fill my hon. Friend in with more details, if she wants to grab me afterwards.
Mr Joshua Reynolds (Maidenhead) (LD)
As has been said, Jaguar Land Rover is not the first British household name this year to experience cyber-attacks. In a recent Business and Trade Committee meeting, the chairman of Marks & Spencer said that he wished that somebody would ride in the cab with them for this experience; he felt like there was too much one-way traffic, and not enough dialogue between the Government and the business. Can the Minister reassure us that the Department has learned those lessons? Can he reassure us that Jaguar Land Rover is having that two-way dialogue, and that someone is in the cab with it at the moment?
Chris Bryant
We want to make sure that is the case. As I have said, I have spoken to Jaguar Land Rover, and I intend to have a further meeting with the chief executive later this week, though he is departing in November. Two new Ministers from the Department for Business and Trade are here. Our job and our absolute determination is to ensure that business can flourish in this country, because in the end, business largely pays the bills, keeps the lights on, keeps the NHS functioning, and keeps everything going. That is why we are determined to have a strong working relationship with businesses, in this and many other areas.
Bill Esterson (Sefton Central) (Lab)
We have heard from my hon. Friends and the Minister how wide the impact of the cyber-attack has been, across the economy. Hon. Members have mentioned the national security threat. The Minister gave evidence to the Joint Committee on the National Security Strategy in his previous role, and spoke about his confidence in the “robust” contingency plans in place for critical national infrastructure, to quote a phrase he used. To what extent does he have the same confidence when it comes to cyber-attacks?
Chris Bryant
The evidence that my hon. Friend mentions related to subsea cables, for which I think the situation is robust. In fact, we had another cut to one of the subsea cables during the summer months; it was, I think, repaired within eight days. We are one of the best countries in the world at repairing subsea cables, but we are also one of the more vulnerable countries, because we are an island nation. I assure him that we three Ministers—the Under-Secretary of State for Science, Innovation and Technology, my hon. Friend the Member for Vale of Glamorgan (Kanishka Narayan), the Minister for Security and me—will apply exactly the same diligence and lack of complacency to this issue as to the issue of subsea cables.
Sir Andrew Mitchell (Sutton Coldfield) (Con)
I thank the hon. Member for Widnes and Halewood (Derek Twigg) for seeking and securing this urgent question. It is good to see the Minister in his place, with his perennially cheerful, Tiggerish demeanour, following the reshuffle.
In the royal town of Sutton Coldfield, we are extremely concerned about this incident. The Minister mentioned WHS Plastics, which is based in Minworth in my constituency. I spoke to the chief executive yesterday in some detail; he has 2,000 employees and eight plants, and the vast majority of his business goes to Jaguar Land Rover. The Minister will know that throughout the west midlands, there are probably more than 200,000 people in the supply chain who are directly affected, and I understand that all the factories globally have been shut down.
May I ask two questions to the Minister and support what was said by the Chair of the Business and Trade Committee, the right hon. Member for Birmingham Hodge Hill and Solihull North (Liam Byrne)? First, can we have an absolute assurance that we will have full help from all the relevant agencies of the state, and that they are seriously and 100% engaged in all this? Secondly, will the Minister press for maximum transparency, so that the staff who are being sent home in very large numbers, and who are naturally very anxious and worried about this issue, can be reassured to the greatest extent possible?
Chris Bryant
Yes, all the agencies will be engaged to the fullest possible extent. As the Chair of the Business and Trade Committee said, we will bend over backwards and do everything we possibly can to ensure that this issue gets resolved as soon as humanly possible; I do not want to say when that will be, because I simply do not know. If the right hon. Member for Sutton Coldfield (Sir Andrew Mitchell) would like to pass on the details of the chief executive of WHS Plastics, I am very happy to have a call with them, and with others in the supply chain, later this week. It is often not just individual companies, but the whole supply chain that is affected. As for Tigger, I seem to recall that the final line in the song is:
“the most wonderful thing about Tiggers is I’m the only one!”
Mrs Sureena Brackenridge (Wolverhampton North East) (Lab)
I thank my hon. Friend the Member for Widnes and Halewood (Derek Twigg) for securing this urgent question, and the Minister for coming to the Dispatch Box. Jaguar Land Rover is a valued employer in Wolverhampton North East and an iconic British brand, so the disruption to production and the impact on the wider supply chains have caused much concern. What action is being taken to protect businesses and supply chains from ransomware and cyber-attacks?
Chris Bryant
I laid out in my initial answer some of the things that the Government are already engaged in, such as the NCSC, which has had involvement with Jaguar Land Rover since last Wednesday. There are really good online aids that can help many companies work through how they can protect themselves better. Some of those things are relatively simple, but some are more complex; it depends on the size of the organisation. As I said, we have consulted on ransomware. As we have said previously, paying the criminals does not get us out of the hole; they are not to be trusted, and people should be extremely cautious. We do not recommend people paying ransoms in any circumstances. It does not solve the problem, and actually adds to the business model of the criminals, whom we want behind bars.
Saqib Bhatti (Meriden and Solihull East) (Con)
I welcome the Minister to his role, and thank him for recognising the anxiety of the staff in the supply chain. Jaguar Land Rover is a huge employer in my constituency, not least because I have the factory in Elmdon, which employs thousands, and there could be an effect on tens of thousands, through its supply chain. Many of my constituents will be really anxious, not least because there is a lack of information at the moment. I echo the comments of the right hon. Member for Liverpool Garston (Maria Eagle) about briefings for MPs. Can the Minister reassure my constituents that this Government will give the NCSC all the resources it needs to pursue the perpetrators? I am more than happy to work with him on that. Given the reports of losses being made every day, have there been any requests for financial support? Is he talking to Chancellor about anything like that, or is it too early to say?
Chris Bryant
I am tempted to say that it is too early to say, as the hon. Gentleman gave me that get-out clause at the end. The main thing I want to ensure is that all MPs have the information they need on a secure basis, so that they can provide reassurance to their constituents. I am sure that there will be all sorts of rumours spreading around, some of which may be very wide of the mark, and I want to ensure that JLR is able to provide information to everybody. We are going into recess next Tuesday; otherwise, I would have been more than happy to gather MPs to have these discussions in a private setting. It is probably best if we see how we go on Friday. I do not think that half an hour will suffice for a Zoom call with JLR; I will make that point to the chief executive.
Laurence Turner (Birmingham Northfield) (Lab)
I thank my hon. Friend the Member for Widnes and Halewood (Derek Twigg) for securing this urgent question, and welcome the Minister to his new role. JLR employs hundreds of people directly in my constituency, and many more indirectly. This is an extremely concerning time for them, and I hope that the Department will consider providing information directly to local MPs, in addition to engaging with the company. As has been said, this attack follows attacks on Marks & Spencer, the NHS, the British Library and other public institutions. I understand why the Minister has set out that the Government’s focus is on ensuring that companies are better protected and report these kinds of incidents, but can he assure the House that all steps are being taken to identify areas of critical national vulnerability in both the public and private sectors, so that we can try to avoid these attacks in the first place?
Chris Bryant
Yes, I can assure my hon. Friend that we do that. Of course, I fully understand that this issue comes on top of other issues for JLR this year, not least tariffs in the United States of America. As my hon. Friend knows, the Prime Minister was very personally engaged in making sure that we got a better deal with the United States, and was able to announce that in a JLR factory. I know that some voluntary redundancies are going through the normal business process at JLR at the moment; that has nothing to do with this cyber-attack. However, I can give my hon. Friend the assurance he asks for.
Sir Gavin Williamson (Stone, Great Wyrley and Penkridge) (Con)
Jaguar Land Rover is the largest employer in the west midlands, so every west midlands constituency is impacted by this cyber-attack. The attack on JLR is not the first of its kind, and it certainly will not be the last. Increasingly, we are seeing state actors using criminal gangs, whether they originate from Russia, North Korea or Iran, to get hard cash into their country. What more can the Minister and the state do to support our businesses with the robust defences that are required? They are fighting states, and they need this state right behind them.
Chris Bryant
They certainly have this state right behind them. Incidentally, I apologise to the right hon. Gentleman: I think I visited his constituency during the recess, and he might have known about it only 10 minutes before I arrived. We were looking at digital inclusion issues.
One thing that all businesses can do now is get a certificate for cyber-essentials, which is a programme that helps businesses to protect themselves better. I am very hesitant to jump to conclusions about overseas involvement in this situation at JLR, but of course the Government take very seriously the fact that there are undoubtedly foreign state actors who want to interfere in our businesses and, for that matter, in the way we do politics in this country. We need to keep our eyes wide open for that.
Shaun Davies (Telford) (Lab)
This cyber-attack is terrible news for Jaguar Land Rover and its supply chain. Many of those companies are based in and around my constituency. Pool Re is a publicly owned insurance provider that provides insurance cover for physical terrorist attacks, invests in terrorism reassurance initiatives, and has £2.3 trillion of assets on its books. Have the Government considered extending the reach of that publicly backed insurance scheme to cyber-incidents such as this one?
Chris Bryant
My hon. Friend has stumped me there. I do not have the faintest idea. I will have to write to him with an answer to that one.
Sir Jeremy Wright (Kenilworth and Southam) (Con)
I welcome the Minister to his new responsibilities, and on behalf of the many JLR employees in my constituency, welcome anything the Government can and will do to get JLR back to business as usual as soon as possible. On our broader defences, the Computer Misuse Act 1990 is 35 years old, and there are many who believe that its provisions impede the work of cyber-security professionals almost as much as, if not more than, cyber-criminals. Will he take this incident as an incentive to look again at the provisions of that Act, and to update it, as we need to, to make sure that cyber-security professionals can help companies such as JLR to deal with incidents just like this one?
Chris Bryant
The right hon. and learned Gentleman makes a very good point about legislation that is somewhat out of date and needs renewing. That is one of the reasons why, as we stated in the King’s Speech, we will introduce a new cyber Bill. I see the Under-Secretary of State for Science, Innovation and Technology, my hon. Friend the Member for Vale of Glamorgan (Kanishka Narayan), nodding. If we do not do that properly, I am sure that the right hon. and learned Gentleman will table an amendment to the Bill when it is debated.
Dame Chi Onwurah (Newcastle upon Tyne Central and West) (Lab)
I congratulate the Minister on his new role. I am sorry that we never had the opportunity to welcome him to the Science, Innovation and Technology Committee when he was at the Department for Science, Innovation and Technology, but I believe I see the new artificial intelligence and cyber Minister, my hon. Friend the Member for Vale of Glamorgan (Kanishka Narayan), sitting on the Front Bench, and I look forward to welcoming and congratulating him.
The devastating JLR cyber-attack is one of a series of cyber-attacks that have been wreaking havoc on British businesses and consumers and undermining public confidence. Will the Minister confirm my understanding that neither JLR nor Marks & Spencer are deemed to be providers of essential services under cyber legislation, and are therefore not required to meet the highest levels of cyber-security and reporting requirements? If that is the case, will that change under the new cyber-security and resilience Bill, which he mentioned? If not, how will he improve cyber-resilience in our industry and society without such measures?
Chris Bryant
It is interesting, is it not? My hon. Friend makes a very good point. There is a balancing act for us to achieve: we do not want to overburden businesses with requirements, but we want to make sure they take every action to ensure they are properly protected. I will write to my hon. Friend if I have got this wrong, but my understanding is that those companies are not presently included. I am afraid that she will have to wait for the Bill, but our intention is that it will directly relate to things like energy and water supply—drinking water and things like that. As I say, it is a balancing act, trying to make sure that industry has the freedom to operate as it should while embodying the best practice.
One other thing I will say is that all businesses, whether large or small, should avail themselves of the early warning tool available from the National Cyber Security Centre whenever they think that they may have had an attack. It is really important that we have a real idea of the prevalence of this problem across the whole sector, and that we are able to join up the dots between different incidents.
Sir Julian Lewis (New Forest East) (Con)
I welcome the Minister to the world of “neither confirm nor deny”, though I fear it may cramp his inimitable style somewhat. Does he accept that there are broadly three categories of hacker? There are the show-offs, who are aiming to boost their egos in the online world; the wreckers, who are usually working on behalf of hostile countries or political ideologies; and the extortionists to whom he referred earlier, who are out to blackmail people and relieve them of large amounts of money. In every case, though, there is always the anxiety that people’s personal data is going to be compromised and publicised. To that end, is the Minister really satisfied that so many Government services that deal with personal data—the latest being His Majesty’s Revenue and Customs—insist that people go online to supply that data to Government?
Chris Bryant
The right hon. Gentleman makes a very good point about personal data. When I was the data Minister, that was one of the things I was trying to push very strongly—there is no point in trying to get people to give data if it is not then secure. That is the single most important part of what we have to do, not least because if people do not trust that their data is going to be secure, it is perfectly understandable that they are not going to surrender it. That does not just apply to Government, although it is very important in Government; it applies across all sorts of different companies.
I slightly take issue with the right hon. Gentleman’s delineation of those three groups; I think there is just one, which is a bunch of criminals. Their intent sometimes mixes a desire for cash with a desire for some kind of spurious infamy, but I just think of all of them as criminals. As for my inimitable style, I can neither confirm nor deny it.
Dr Scott Arthur (Edinburgh South West) (Lab)
I agree with those Members who have raised concerns about the impact that this cyber-attack might have on jobs. It also has an impact on our reputation as a country when two iconic brands basically have to go offline. I do not expect that this will be the last attack on either a retailer or an automotive company, but the risks to automotive companies are particularly acute, because going forward, cars are basically going to be computers on wheels. Customers will be concerned about what attacks mean for their security, but also about what the impact on the automated features within the car means for driver safety. The Minister said that the UK is increasingly a target; is that because of the interest in the UK, or because we are more susceptible?
Chris Bryant
No, I meant that every country in the world is increasingly susceptible, not just the UK. This is a growing business, and the worst thing we could do would be to feed that business model. I would urge caution about one thing. It may well be that we do not know all the incidents that have taken place, because understandably, lots of companies will not want to make them known publicly if they feel that they have managed to deal with the issue fairly swiftly. That is why, as I said, we consulted on the issue of ransomware earlier this summer, and I was gratified by the response we had from more than 70% of businesses.
David Chadwick (Brecon, Radnor and Cwm Tawe) (LD)
Fundamentally, this is a question about resilience across British industry. These attacks are costing British industries millions of pounds a day. What are the Government doing to facilitate knowledge-sharing within industry to boost resilience and guard against operational technology attacks? I know from personal experience that people in the cyber industries like to share information together, but require a forum to do so.
Chris Bryant
The hon. Member is right. For that matter, I suspect that every single Member of the House will have had some kind of attempted cyber-attack, whether that is phishing or vishing or whatever it may be on their mobile phones, where something comes up that looks remarkably possible. Then you say to yourself, “Oh, no, HMRC probably wouldn’t ask me to do that.” I urge all Members, incidentally, to take their own personal cyber-security seriously, and the House provides facilities for that. One other thing that we can do is for all companies to follow the cyber governance code of practice and provide board training. The more that board members understand these issues, the better.
Chris Vince (Harlow) (Lab/Co-op)
I welcome the Minister to his role. Previously, I inadvertently suggested that he was not a national treasure, and I would like to set the record straight on that one. More and more often, businesses and charities in my constituency of Harlow are reliant on the internet for sales, for trade and for human resources services. What reassurance and advice can the Minister give to charities and businesses in Harlow, if they are worried that they might be the next victims of such attacks?
Chris Bryant
Basically, every organisation in the country should be considering whether they might be the next under attack. It is possible that there might already have been an attempted attack on them. Obviously, iconic brands such as M&S and JLR are possible candidates in that sense, but I urge all organisations to take these issues seriously, because the costs are dramatic, both financially and in staff power.
Carla Lockhart (Upper Bann) (DUP)
Cyber-security costs are rarely taken into account by any company, but for a company such as JLR, such costs should be easily absorbed because of its profit margins. SMEs do not have that luxury. Their profit margins will not necessarily cover the costs, and often they hold just as much personal and financial data. The Government should be coming alongside those businesses and assisting them to ensure that their security is industry-standard and that they are secure. Can the Minister give me an update on that?
Chris Bryant
The hon. Member is absolutely right that it is not just about big companies, listed companies or, for that matter, big organisations in the public sphere; it is also about much smaller ones, which may have all sorts of different attacks. I am not sure whether she is asking for financial support.
Chris Bryant
Ah, she is. I saw the nod. I am not sure how Hansard records a nod, other than the fact that I have now said it. The important point is making sure that everybody has an understanding that cyber-security is important to every single organisation, big or small, and the services of the state are there to help.
Richard Foord (Honiton and Sidmouth) (LD)
The Minister talked about a cross-Government approach, and last week the Ministry of Defence stood up the cyber and specialist operations command, building on the foundations of strategic command and bringing together more than 26,000 specialists. Can the Minister comment on what collaboration exists between officials at the Department for Business and Trade and those working in this area in the MOD?
Chris Bryant
The primary relationship is between my Department, because we have responsibility for businesses and making sure that they can prosper in the future, the Department for Science, Innovation and Technology, as represented by my hon. Friend the Member for Vale of Glamorgan (Kanishka Narayan) here, and the Minister for Security in the Home Office, but the hon. Member makes a good point. The MOD has an equal responsibility for ensuring that we are all secure.
Mr Speaker, I am sure that some kind of digital identification service will be available for identifying the right MP to call.
Jim Shannon (Strangford) (DUP)
Always rear gunner. I am pleased to see the Minister in his position. It is well earned, and we are pleased to see him where he is. He will be aware that cyber-attacks on Marks & Spencer and Co-op have left many people concerned about the security of their information online. This attack on Jaguar will heighten those concerns, and businesses in my constituency have told me that. I have been contacted by people who are concerned about the ramifications of a cyber-attack on the Government’s systems, particularly in health. What discussions have been held with Cabinet colleagues on the robustness of cyber-defence, and what information can be shared with private businesses to help them defend themselves against these criminals that we all fear?
Chris Bryant
In fact, the first of these big cyber-attacks was on the British Library, which is an arm’s length body of the Department for Culture, Media and Sport, so some of these lessons were taught immediately to Government. The hon. Member is absolutely right, and we need to make sure across every Department that not only is data—personal data and all other kinds of data—secure where it needs to be, if it is not open-source, but that cyber-attacks can be rebuffed, spotted and prevented at all costs. That is an ongoing piece of work between the different parts of Government. When we are able to bring forward the cyber Bill in the very near future—sorry, soon—I hope that we will be able to address some of these things and discuss them in the round in the House.