Speeches by Narayan.

“Clause 36 sets out that the Secretary of State may issue a code of practice for regulated entities. The code will describe recommended steps to help these entities to comply with their duties and requirements under the NIS regulations and any new regulations made under the Bill. This will make it simpler for regulated …”

“No. Question put and agreed to. Clause 29 accordingly ordered to stand part of the Bill. Clauses 30 to 35 ordered to stand part of the Bill. Clause 36 Code of practice Question proposed, That the clause stand part of the Bill.”

“The Bill’s new powers enable regulators to set up charging schemes, but it is not prescriptive about how it should do that beyond certain baseline requirements. More specific requirements, as provided for in the Bill, could become clear, such as if cost recovery mechanisms are not working effectively or if regulators a…”

“I apologise for the pace of my speech; I will try to make sure I am speaking more slowly. On the particular point on transparency and ensuring that any amendments to cost recovery are both transparent and grounded in specific provisions, I can set out the sorts of expectations we have had for circumstances in which ame…”

“Clause 29 is the key pillar of the Bill’s future-proofing powers. It allows the Secretary of State to update, amend or replace the NIS regulatory framework by creating new regulations. This is a critical provision. Due to the way in which the NIS regulations were transposed into UK law, the Government lack a way of upd…”

“Any legislation made under clause 29 will need to align with the Bill’s clearly specified purposes to protect the systems that underpin our vital services. In any case, secondary legislation will require deep consultation to ensure that businesses have the sense of clarity that they require. There is a specific bar to …”

“I am, of course, very happy to take on my hon. Friend’s recommendation that I be the promoter and ambassador for the Bill across the country. I am only sad not to have been invited to visit his constituency in the act of promoting said Bill, but I take his point seriously. On the broader point about skills, I entirely …”

“I share the hon. Member’s recognition and her gratitude that we have not experienced the sort of incident that she described. The NCSC has told her, me and other Committee members that it brings regulators together and has done so on a number of occasions in the past to share cross-sectorally an understanding of emergi…”

“I might just make a slight bit of progress. As I mentioned in a previous session, the programme reached 415,000 students, and it has now been evolved into the wider TechFirst scheme as well. The shadow Minister, as well as the hon. Member for Bromsgrove, made a very important point about resilience in particular and so…”

“I appreciate the intent behind the amendments and the shadow Minister’s position of understanding but not supporting them, which I share. I share his concerns about the potential for emerging risks posed by AI systems, not least in the realm of cyber-security. At the same time, I am conscious that we have not specified…”

“Clause 13 ensures that operators of data centres provide essential information to regulators, enabling them to properly monitor their sector and its cyber-resilience. The clause requires operators to submit key details, such as names, addresses and contact information, within three months of designation, and to update …”

“I believe that where the shadow Minister laid out any specific concerns, I was able to set out answers, not least on the process for the designation of critical suppliers and the availability of an appeals process. Where his points were more in the realm of specific hypothetical puzzles, I have stayed clear for precise…”

“I thank my hon. Friend for that point. This issue has not come out of nowhere. Industry and a number of organisations asked that we introduce the measures in the clause. Beyond the very clear five-step test for critical supplier designation, the Bill provides that the requirements on critical suppliers are proportionat…”

“On the first point, I am afraid that I do not think that was an appropriate characterisation, because where the sectoral scope is clear and where there is a clear risk of critical national infrastructure and essential services being directly exposed, we have specified that in the Bill. We have looked at the impacts set…”

“I commit to giving way at the end of my speech to the shadow Minister and the hon. Member for Spelthorne. On the question of consultation, I am happy to confirm that the team in question has set up an implementation-focused effort. We have started to engage with regulators already, and there will be an extensive proces…”

“I commit to giving way to the hon. Gentleman at the end of my speech. He asked about schools. I am happy to confirm that schools are not in the scope of the Bill. In response to the shadow Minister, I highlight that the five-step test is cumulative: a business must meet all the conditions to be designated as critical, …”

“First, I will respond to the apt and thoughtful points from the hon. Member for Bognor Regis and Littlehampton on operational technology. I can confirm to her that both vendors and providers of operational technologies will be covered by the provision of the five-step test for critical supplier designation. That is an …”

“Clause 12 will introduce a new power for regulators to designate critical suppliers to organisations as in scope of the NIS regulations. These are suppliers that are so pivotal to the provision of essential digital or managed services that a compromise or outage in their systems can cause a disruption that would have s…”

“Having closed the debate, I am happy to conclude. Question put and agreed to. Clause 9 accordingly ordered to stand part of the Bill.”

“I simply point out to the hon. Member that the pricing for law varies materially. I hope that, with the benefit of technology, it continues to be very accessible to all relevant providers.”