Speaker’s Conference on the security of MPs, candidates and elections

First Report of Session 2024–25

Speaker’s Conference on the security of MPs, candidates and elections has published its first report of session 2024-25, laying out the evidence, conclusions and recommendations from the first phase of its work.

Threats against candidates and MPs and their impact on the democratic process
Effectiveness of the response: Elections
Effectiveness of the response: security of MPs
The Conference’s next phase of work

You can read the full report here: https://publications.parliament.uk/pa/cm5901/cmselect/cmspeak/570/report.html#heading-0

New! Information Management Hub

A new Information Management hub has been launched on ParliNet, bringing together information compliance, management and security guidance into one place.

Visit the IM hub to find guidance on what you need to do at every stage of managing your information, from when you first create and store information, to when we no longer need to keep information.

Updated Changes to Members’ staff security vetting

In May 2024, the House of Commons Commission endorsed a number of changes to vetting policies, including that all Members’ staff funded by IPSA must be security cleared and this will come into force on 1 April 2025.

Please see this news article for further information: https://parlinet.parliament.uk/information-resources/news-newsletters-notices/news/2025/february/changes-to-members-staff-security-vetting/

and also this w4mp guide to security clearance for Members’ staff

https://w4mp.org/jobs-listings-events/jobs/members-staff-security-verification-questionnaire/

Have you ordered your free SOS device yet?

All MPs are issued with an SOS device, but they are also available for all IPSA-funded staff of MPs. The cost of these devices is funded by the Security team

It is recommended that Members and their staff carry a lone worker/SOS device, which has the ability to summon assistance in the event of an incident or a problem.

For full details, please see this intranet page:

https://parlinet.parliament.uk/services/security-for-members/security-support-services/lone-worker-device-lwd

SOS Devices

Have you moved offices?

If you have an SOS Device (Lone Worker Device) and have moved from working for one MP to another MP, please make sure that you contact SAFE@parliament.uk to update your details with them.

Dissolution Guidance – South West briefing for Members’ offices

Members’ offices are offered an opportunity to join an in-person briefing in Bristol with representatives of relevant services from across the House Administration and IPSA to find out more about the Dissolution Guidance and ask any questions they may have.

To register to attend, please email MST@parliament.uk

Teams Discussion Forums

Did you know that the Members’ Services Team runs discussion forums on Teams for Caseworkers and those who have a management role in an MP’s office?

The Members’ Office Management Forum has a weekly meeting at 11:00 every Wednesday which is full of useful information and gives the opportunity to raise queries with representatives from the Parliamentary Digital Service, the Parliamentary Security Department, the Human Resources team, the House of Commons Library, the Vote Office and more. There are weekly guest speakers, including regular visits from IPSA. It also has a text chat facility for when you have quick questions to ask.

The Caseworker Discussion Forum hosts a monthly All-Staff Q&A which you can sign up for on ACT, and the text chat is always active.

If you would like to be added to either (or both) of these forums, please email MMSST@parliament.uk from your parliamentary network account, stating which MP you work for and your role in the office.

Briefing note for Members’ Office Managers from the Cybersecurity Team 8/2/23

Please note that links to the old Parliamentary intranet have been removed as of October 2023. Please use search on ParliNet to find relevant current details, if available.

https://parlinet.parliament.uk/house-of-commons-members-staff/

Please note that you will need to have a Parliamentary Network Account in order to access some of the links on this page.

Last week the Speakers of both houses sent notices to members regarding spear-phishing attempts.

You may have seen in the news today that MP Stewart McDonald has been subject to a cyber attack on his personal emails.

In the media: SNP MP Stewart McDonald’s emails hacked by Russian group – BBC News

The source of the attack is thought to be a Russian based group called SEABORGIUM. We are briefing you to raise your awareness of the tactics used and the measures you should take to protect your personal accounts. It applies to both members and to members’ staff, so I ask that you to share the guidance with your teams. This is a quick briefing for now to update you and further more comprehensive communications issued in due course.

What you need to know:

Stewart McDonald’s personal email was compromised
The hackers achieved this by compromising the personal email account of one of his staff, who was locked out
The group sent Stewart an email from the staff account with a malicious password-protected attachment
The topic of the email was relevant to the member’s work and looked like a genuine message from his staff

Our advice:

Be sure that you are communicating with the individual you think you are – if possible, use a separate means of contact to validate this
Do not click on links or open files unless you are sure of their source
Secure your personal accounts – use strong, unique passwords and turn on multi-factor/2-factor authentication on your social media accounts and personal email
Use a different password for your Parliamentary account
Use Parliamentary devices for Parliamentary business whenever possible
Do not set up any automatic email-forwarding between your Parliamentary email and personal accounts
Protect and update your personal devices. Security tips for your mobile phone – intranet PDF
Book a cyber security briefing with your local engagement team
Report suspicious messages or activity to the Parliamentary Digital Support Desk by calling x2001

For more insight on phishing visit the cyber security intranet pages. The ‘Think Before You Link’ app, from the Centre for the Protection of National Infrastructure (CPNI) helps you identify malicious online profiles and reduce the risk of being targeted. For further information, visit Think before you link app – CPNI webpage.

ICO – updated guidance on video surveillance

The Information Commissioner has issued updated guidance on video surveillance. Please click the link below to be take to the ICO website:

https://ico.org.uk/for-organisations/guide-to-data-protection/key-dp-themes/guidance-on-video-surveillance/

Personal Security

We at w4mp are shocked at the news that Sir David Amess, MP for Southend West has died from his injuries after having been attacked at his advice surgery this afternoon. We offer our sincere condolences to his family, friends and staff at this awful time.

Members and their staff need to remain alert and be aware of their security. Please do read our guide here: https://w4mp.org/w4mp/w4mp-guides/guides-to-parliament/security-at-westminster-and-in-constituency-offices/ for information about the support which is available to you.

The Members’ Security Support Service (MSSS) provides guidance, advice and support to members of both Houses and their staff, about security away from the Parliamentary Estate. You can call them on 020 7219 2244 if you wish to discuss anything related to security and personal safety.

Security away from Parliament, including at advice surgeries and in constituency offices: https://parlinet.parliament.uk/working-here/lords-staff-handbook/about-house-of-lords/security/