UK Unveils £210m Cyber Action Plan to Strengthen Public Sector Digital Resilience
Resources | Blog

UK Unveils £210m Cyber Action Plan to Strengthen Public Sector Digital Resilience

BY Imogen Stubbs

The UK Government has recently announced a new £210 million Cyber Action Plan aimed at strengthening the security and resilience of online public services, as cyber threats against the public sector continue to grow.

Published on January 6 by the Department for Science, Innovation and Technology (DSIT), the action plan outlines how the government will improve cyber defenses across departments and the wider public sector, ensuring the public can safely access online services such as benefits, tax systems, and healthcare systems.

The Cyber Action Plan aims to rapidly strengthen cyber defences and digital resilience across government departments and the wider public sector, ensuring people can trust that their data and the services they rely on are secure and protected.

Key outcomes of the plan include:

  • Clearer visibility of risks: shining a light on cyber and digital resilience risks across government.
  • Stronger central action on the toughest challenges: taking decisive, joined-up action across departments on severe and complex risks that no single organization can solve alone.
  • Faster response to threats and incidents: reacting quickly to fast-moving cyber threats and vulnerabilities by requiring departments to have robust incident response arrangements in place.
  • Higher resilience across government: boosting resilience at scale, with targeted measures to close major gaps and protect critical services.

The action plan reinforces the government’s drive to digitize public services while also exposing the fragility that comes with increased reliance on digital infrastructure. Cyberattacks can take vital public services offline in minutes, disrupting lives and undermining confidence. Trust in digital services is therefore not merely desirable, but fundamental to the delivery of modern government.

In the government press release, Digital Government Minister, Ian Murray, states:

“This plan sets a new bar to bolster the defenses of our public sector, putting cybercriminals on warning that we are going further and faster to protect the UK’s businesses and public services alike.”

Assured Data Protection’s Response

In response to the recent announcement, Stew Parkin, Global CTO at Assured Data Protection, comments:

“The £210m Cyber Action Plan signals that the government recognizes the scale and urgency of the cybersecurity challenge. However, with the threat landscape moving faster than policy, there is a risk that this becomes another well-intentioned action plan, when what’s really needed is direct, sustained investment in frontline cyber capabilities.

What is often overlooked is that public sector organizations already understand the risks. However, they are constrained by funding models and procurement processes that make it difficult to adopt modern security platforms. Organizations are being asked to defend modern, cloud-connected environments using legacy platforms that were never designed for today’s threat landscape. Without meaningful reform in how cyber capabilities are funded and purchased, plans risk repeatedly diagnosing the problem rather than fixing it.

Real resilience will only improve when organizations have the buying power and flexibility to invest in modern security, recovery, and resilience capabilities that can be deployed, operated, and evolved at speed.”

To read the Government Cyber Action Plan Policy Paper, visit:
https://www.gov.uk/government/publications/government-cyber-action-plan/government-cyber-action-plan

To read the government press release, visit:
https://www.gov.uk/government/news/new-cyber-action-plan-to-tackle-threats-and-strengthen-public-services

Further News:

The Cyber Action Plan announcement coincides with the Cyber Security and Resilience Bill reaching its Second Reading in the House of Commons. The bill will introduce clearer expectations for organizations providing services to government, including those operating in critical sectors such as energy, water, and healthcare, to strengthen cyber resilience across supply chains.

Progress on the Cyber Security and Resilience Bill is available here:
https://bills.parliament.uk/bills/4035