UK Government pledges £210m to new cyber action plan, admitting 'critically high' cyber risk remains

Concept art representing cybersecurity principles

Nytt DDoS-rekord (Image credit: Shutterstock / ZinetroN)

The UK Government has admitted it won't be fully secure against cyberthreats by its 2030 deadline
Public sector cyber risk remains "critically high," says Tech Minister
Senior leaders could be personally accountable for outcomes

The UK Government has committed to spending £210 million in order to improve its cybersecurity stance after admitting that its cyber policy has failed, and that it's no longer on track to secure all government bodies against unknown threats by the end of the decade.

Despite years of strategies, Britain's public sector cyber risk remains "critically high" with recurring failures proving the admission isn't based on hypothetical theories.

An over-reliance on non-binding guidance, instead of mandatory requirements, was blamed, as well as the use of legacy IT systems that continue to be used across more than a quarter of(28%) of government operations.

UK Government admits it won't be secure by 2030

The Minister of State for Department for Science, Innovation and Technology, Rt Hon Ian Murray, explained that siloed departments and a chronic underinvestment in IT infrastructure has created a debt, whereby state actors and organized criminals have outpaced the government's capability.

Some of the real-life cases cited include a ransomware attack that disrupted NHS blood testing, 2023's British Library ransomware attack and the 2024 Crowdstrike outage.

The admission serves primarily as a notification that things aren't quite working, with a broader National Cyber Action Plan set to follow later this year.

As part of that plan, a new Government Cyber Unit is set to be created, backed by a £210 million investment. It will be tasked with setting mandatory policies and standards and coordinating incident response.

Senior leaders could also be held personally accountable for cyber outcomes, which has previously been criticized in business settings. At the end of 2024, we reported that 15% of CISOs could be discouraged from taking on the role due to prosecution threats.

So, while the government continues to partner with Big Tech to roll out productivity-boosting AI across its departments, it's clear that a structural and cultural reset is needed to take a hold of cybersecurity as threats amplify.

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.