Security officials have begun to deliver custom-built secure mobile phones and desktops to senior government figures under the much-delayed project Foxhound.
The Cabinet Office-led project was dubbed a “very significant cybersecurity delivery breakthrough” by the National Cyber Security Centre (NCSC)’s CEO Ciaran Martin in oral evidence to the Public Accounts Select committee this month.
He was among the civil servants facing a grilling from MPs over cybersecurity project delivery, following a row over the opacity of the government’s National Cyber Security Programme and questions over its performance management.
What is Project Foxhound?
Foxhound was put forward as an example of a recent cybersecurity success.
It involves highly secure, encrypted handsets for members of the Cabinet, amid an ongoing push to modernise government security.
Originally designed to replace 15 separate confidential networks and other classified systems, the project was described as three years late and “not on track to deliver the £308 million of anticipated benefits over 10 years” by the National Audit Office in 2016.
The government has faced pressure to itemise how it is spending £1.9 billion under the programme, with the Joint Committee for the National Security Strategy saying “such lack of transparency about such large sums of public money is of serious concern”.
A recent National Audit Office (NAO) report suggests upwards of £100 million has been allocated to the Foxhound project, with hardware now being delivered. The Cabinet Office, which the NCSC describes as leading the project, referred detailed questions about the project to the NCSC, which did not respond to a request for comment.
Although the NAO report does not provide a precise breakdown of spending, it highlights £35 million to “part-fund the Department’s programme to develop a secure, cross‑government IT network called Foxhound” and notes a further £69 million dedicated to funding Foxhound and the troubled Verify programme.
Martin told the PAC committee: “Foxhound, at the moment, for those who do not know it, is essentially about secret desktops and mobiles for senior policy makers and Ministers. As the Government’s chief cyber-security adviser, I was not content with the situation where members of the Cabinet, such as the Cabinet Secretary and so forth, did not have access safely to secure mobile technology that allowed them to talk in secret.”
He added: “Thanks to this programme, which is Cabinet Office-led and supported by our cryptographic experts, we are now getting there and rolling out the handsets. That is a very significant cyber-security delivery breakthrough for the Government.”
It is unclear the extent to which the NCSC/GCHQ and its industry partners have helped deliver their own hardware, or heavily customised off-the-shelf phones for stronger encryption. The project comes after a gaff by Defence Secretary Gavin Williams in which he left is iPhone’s advisor Siri on in Parliament that raised security questions.