Question to the Cabinet Office:

To ask the Minister for the Cabinet Office, what assessment he has made of the risk posed to Government cyber-security of human error by staff contracted from private sector firms working for Government departments.

Contractors working for Government departments are subject to the same security standards and training as civil servants depending on their access to government systems and information. Basic cyber security awareness is an essential protection against attacks such as email phishing and departments are already providing training for their staff and contractors on this. In addition, the National Cyber Security Centre’s new Active Defence Measures will ensure that government systems have increased protection from phishing and other cyber attacks.