IT Brief UK - Technology news for CIOs & IT decision-makers

UK unveils GBP £210m cyber plan to bolster public services

Fri, 9th Jan 2026

The UK government's new Cyber Action Plan has drawn cautious support from security specialists, who say the GBP £210 million initiative and creation of a central cyber unit mark a shift towards more coordinated defence of online public services.

The plan sets out measures to improve the security and resilience of digital public services amid rising cyber threats and increasing digitisation across central and local government, health, and other critical sectors.

It follows a period of sustained concern over attacks on public infrastructure, supply chains and software, and comes alongside the proposed Cyber Security and Resilience Bill.

There is growing pressure on government departments and public bodies to address legacy technology, fragmented risk management and skills shortages that security experts say leave essential services exposed.

Industry figures say the new plan indicates a stronger central role for government in managing systemic cyber risk, including the formal establishment of a Government Cyber Unit.

Central coordination

Specialists have long argued that the public sector's cyber posture suffers from inconsistent funding and siloed approaches across departments and agencies.

They say central direction combined with sustained investment is necessary in order to address cross-cutting vulnerabilities, rather than leaving individual organisations to manage risks in isolation.

One focus of the plan is expected to be improved visibility of risks across government systems and a clearer allocation of responsibility for securing critical services.

Another area is expected to be shared standards and common approaches to cyber security across digital public services.

"The publication of the Government Cyber Action Plan is a clear signal of how government is thinking about cyber security across digital public services. £210m of investment and the formal creation of the Government Cyber Unit are welcome. Central coordination and sustained funding have often been fragmented or short-lived in the past, so it's encouraging to see both called out explicitly. Coming alongside the Cyber Security and Resilience Bill, this is a necessary companion. As expectations are raised across critical sectors and supply chains, it's right that government also focuses on addressing its own cyber security challenges and getting a better grip on systemic risk, rather than only pushing requirements outward, which is genuinely positive to see. That timing also matters in the current geopolitical climate. Cyber-attacks against public services are an obvious vector in hybrid warfare, where disrupting service delivery can undermine societal trust and cohesion. Early days, and delivery will matter more than structure, but this looks like a constructive step for government and a useful signal for the wider cyber community," said Ric Derbyshire, Principal Security Researcher, Orange Cyberdefense.

Legacy exposure

Analysts say public bodies across the UK often rely on legacy systems that are harder to secure and more costly to maintain, while operating under tight budget constraints.

They also point to a patchwork of accountability for cyber risk across departments, agencies and arms-length bodies that can slow responses to incidents and weaken oversight.

Security teams in the public sector face rising volumes of attempted attacks as more services move online and as adversaries target critical infrastructure for disruption and extortion.

Digital transformation programmes have increased connectivity and data sharing between systems, which can expand the potential attack surface if controls do not keep pace.

Experts say the government's plan indicates a wider move towards risk-led defence and earlier detection of attacks on public services.

They highlight the need for stronger lines of defence around citizen data and key operational systems in health, local government and other services.

They also underline the importance of sustained funding if departments are to replace or remediate vulnerable legacy platforms.

One commentator said the government's intervention reflected a recognition that current levels of exposure could damage trust in core public infrastructure.

"The government's Cyber Action Plan is a timely acknowledgement of how exposed public services have become as digitisation scales. Legacy systems, limited budgets and fragmented ownership of risk across the public sector are creating a level of exposure that could easily compromise public trust in the UK's core infrastructure. But this move by the Government, along with the scale of investment, reflects a shift toward coordinated risk-led defence - and that is significant. Centrally coordinated oversight can help close gaps and maintain a more robust line of defence against attacks - stopping them early before they unravel.

"The emphasis on supply chain resilience is especially important. Public services depend on complex ecosystems of software vendors and managed service providers (MSPs), and attackers know this. Raising minimum standards will reduce the likelihood that a single weak link can disrupt essential services and better protect public data," said VimalRaj, UK Technical Head, ManageEngine.

Software supply chains

The Cyber Action Plan also highlights the government's focus on software supply chain security, including a voluntary Software Security Code of Practice and a Software Security Ambassador Scheme.

The scheme is intended to encourage wider adoption of secure software development and procurement practices across organisations supplying the public sector.

Recent incidents affecting third-party providers have exposed dependencies in public sector systems, including where a single compromise can affect multiple agencies.

Security companies say the plan's references to public and private sector collaboration reflect the need for shared approaches to emerging threats, especially as software supply chains become more complex.

One security firm involved in the ambassador initiative said the plan responds to a measurable increase in serious cyber incidents.

"The Government's new Cyber Action Plan is a timely and necessary step. Cyber threats are now a daily reality for organizations delivering vital public services, reflected in the 50% increase in highly significant incidents handled by the NCSC last year.

"It is therefore welcome to see the Government acting decisively, backed by £210 million of funding, to address long-standing challenges such as legacy systems, skills gaps and unclear accountability. To succeed, progress must be tracked against clear, measurable targets and supported by collaboration across the public and private sectors, drawing on the UK's world-leading cyber expertise.

"As a long-standing partner to the UK Government, and having contributed to the Software Security Code of Practice since its inception, NCC Group is proud to be a Software Security Ambassador. We are committed to promoting the Code's principles and working closely with the Government to strengthen resilience across the UK's critical services and supply chains," said Mike Maddison, CEO, NCC Group.