Question to the Ministry of Defence:
To ask the Secretary of State for Defence, what steps his Department is taking to (a) enhance cybersecurity and (b) protect personal data.
The Ministry of Defence (MOD) takes its cybersecurity and data protection obligations very seriously. The Cyber Resilience Strategy for Defence published in May 2022 sets out the steps that the Department is taking to enhance cyber security, thereby also protecting personal data in accordance with UK GDPR Article 5(1)f. The strategy is underpinned by four funded and dedicated defensive cyber programmes to mitigate cyber risks against our platforms, weapon systems and core digital infrastructure.
The MOD uses the Information Commissioner’s Office Accountability Framework to determine, monitor and drive data protection improvement measures across the Department. These are delivered through a network of Data Protection Advisors within each main business area.