Prime Minister Boris Johnson has defended the choice of a central London headquarters for a newly created cyber security centre, after a parliamentary committee criticised it for being overly expensive.
The National Cyber Security Centre (NCSC), a part of the UK’s GCHQ intelligence agency, is charged with protecting the nation from cyber attacks.
The centre was opened in 2017 at Nova South, a towering glass building in the heart of London’s regenerated Victoria area.
The procurement of the office has been criticised by Parliament’s Intelligence and Security Committee (ISC), which said the choice was “expensive” and “around double the cost of typical Government accommodation in London.”
“The cost significantly exceeded the funding allocation, meaning that GCHQ is paying for the shortfall out of its main budget—money which could otherwise have been spent on operational capabilities,” said an ISC statement by Labour MP Kevan Jones and Scottish National Party MP Stewart Hosie.
The committee found that GCHQ prioritised image over cost, set inappropriate selection criteria, and then changed those criteria without justification.
“Even disregarding the faulty criteria, it is clear that GCHQ selected Nova South against all the evidence,” said the report, which was published on Thursday.
The prime minister, who is self-isolating in Downing Street after coming into contact with a Conservative MP who later tested positive for COVID-19, defended the decision to choose the property in a written statement to Parliament, saying that the procurement was “undertaken within a demanding time frame” at a time when “there was an urgent need for the Government to increase its defensive cyber capabilities and respond to global cyber incidents.”
“As the public-facing part of GCHQ and the UK’s lead technical authority on cyber security, the NCSC required a workspace which balanced the need for accessibility and operational capability to defend the UK against cyber threats effectively,” he said.
The NCSC defended the UK from an average of 60 attacks per month during the past year, according to its latest annual report published earlier this month.
According to the report, more than a quarter of all these cyber-attacks involved criminals and hostile states exploiting the COVID-19 pandemic, which was caused by the CCP (Chinese Communist Party) virus.
On July 22, UK’s Foreign Minister Dominic Raab said he was “deeply concerned” over evidence that “China is engaged in malicious cyber attacks against commercial, medical, and academic institutions, including those working to respond to the coronavirus pandemic.”