Question to the Department for Digital, Culture, Media & Sport:

To ask the Secretary of State for Culture, Media and Sport, pursuant to the Answer of 28 February 2017 to Question 64527, when the next regular review of all cyber security standards will be conducted.

The Government keeps the material relating to cyber security standards for which it is responsible - such as the Cyber Essentials scheme - under regular review and updates it as and when required.

For example, following industry and customer feedback, the requirements for the Cyber Essentials scheme were recently updated and can be found at:

https://www.ncsc.gov.uk/information/requirements-it-infrastructure-cyber-essentials-scheme

The vast majority of technical standards are owned and driven by industry, for example the ISO 27001 range of standards on cyber security. These standards are usually global in nature, and governments are part of the debate amongst many industry voices when it comes to reviewing and/or amending a given standard.