Ben Birchall/AFP/Getty Images
show image

Labour vows to give NCSC new auditing powers

The Labour Party has unveiled plans to give security officials the power to audit public and private sector organisations’ cyber defences.

Plans to review the National Cyber Security Centre’s (NCSC) powers were outlined in the party’s manifesto (PDF) on Thursday (21 November) ahead of next month’s general election.

Under the proposals, officials working for NCSC, the public-facing division of GCHQ, would have the power to issue warnings to organisations in order to designate their cyber risk.

If it wins the 12 December election, Labour also plans to create a new ministerial role dedicated to cyber security, and review the structures of the National Crime Agency so that it is better prepared to respond to “all types of economic crime”.

The manifesto states: “Cybercrime and cyberwarfare are growing, all around the world. Every aspect of our lives, from the NHS to our nuclear facilities, from transport systems to communications networks is vulnerable.”

The party added: “A Labour government, ever more dependent on digital technology, will overhaul our cybersecurity by creating a co-ordinating minister and regular reviews of cyber-readiness.”

Labour has also pledged to invest more money in the NHS’s cyber defences. The health service was one of the most high-profile victims of the 2017 WannaCry ransomware attack, which left its IT team with a £73m bill and forced doctors to cancel thousands of appointments.

Commenting on the pledges, Matt Lock, technical director at Varonis said: “All political parties should have a cybersecurity platform – it’s a matter of national defence in our connected age. Just as political parties present their plans for jobs, education, and healthcare, they would be smart to add cybersecurity to that list.”

On the topic of healthcare, the party has promised to take steps to protect patient records. “We will ensure data protection for NHS and patient information, a highly valuable publicly funded resource that can be used for better diagnosis of conditions and for ground-breaking research,” the manifesto states. “We will ensure NHS data is not exploited by international technology and pharmaceutical corporations.”

Elsewhere in the manifesto, the party says it will create a new legal right to collective consultation on new workplace technology, retrain workers displaced by automation and create a Charter of Digital Rights.

The Conservative Party is expected to publish its manifesto at the end of the month.