The UK government has unveiled a £210 million Cyber Action Plan aimed at strengthening the security and resilience of online public services, as cyber threats against the public sector continue to intensify.
Announced in London on 6 January, the plan is designed to safeguard critical digital services used by millions of citizens every day, including benefits, tax systems and healthcare platforms. It will be overseen by a new Government Cyber Unit, tasked with coordinating defences across departments and holding public bodies to account for addressing vulnerabilities.
The investment forms part of the government’s wider digital transformation agenda, which seeks to expand access to online services, cut administrative burdens and unlock up to £45 billion in productivity gains across the public sector.
Ian Murray, digital government minister, said cyber-attacks posed a direct threat to the functioning of the state.
“Cyber-attacks can take vital public services offline in minutes, disrupting our digital services and our very way of life,” he said. “This plan sets a new bar to bolster the defences of our public sector, putting cyber-criminals on warning that we are going further and faster to protect the UK’s businesses and public services alike.
“This is how we keep people safe, services running, and build a government the public can trust in the digital age.”
The plan comes amid mounting concern over the scale of cyber risk facing public bodies. According to data from National Cyber Security Centre, the number of highly significant cyber-attacks has risen by 50 per cent over the past year.
Andy Ward, senior vice-president international at Absolute Security, said the government’s focus on resilience was overdue.
“Our research shows that 59 per cent of CISOs already view cyber as the single biggest threat facing the UK, above AI and other emerging risks,” he said. “We’ve seen first-hand how high-level cyber-attacks can cause costly operational downtime when defences aren’t strong enough.
“This year, resilience must remain front and centre. Organisations need the ability not just to prevent attacks, but to identify threats quickly, manage disruption and return to full service with minimal delay.”
Sawan Joshi, group director of information security at FDM Group, warned that the pace of attacks was accelerating.
“According to the NCSC, the UK is now experiencing four nationally significant cyber-attacks every week,” he said. “In this environment, it is essential that both government and business act decisively.
“Measures to secure public services are vital, but true cyber resilience also depends on continuous training and sustained investment in developing the next generation of cyber talent.”
Ministers say cyber resilience is now central to the government’s mission of national renewal. Secure, reliable digital public services are seen as critical to protecting citizens, supporting economic growth and delivering better value for taxpayers, while maintaining trust in the systems communities rely on every day.
