The UK Government has unveiled a major Cyber Action Plan, backed by £210 million, to strengthen the security and resilience of online public services. The plan sets out how government will tackle growing cyber threats and ensure citizens can use digital services with confidence – whether applying for benefits, paying taxes, or accessing healthcare.
At the heart of the plan is a new Government Cyber Unit, which will coordinate rapid improvements in cyber defences across departments and the wider public sector. This initiative underpins the government’s ambition to digitise public services, making them more accessible and efficient while safeguarding trust.
As more services move online, robust security is essential. Cyber attacks can disrupt critical services in minutes, undermining public confidence and causing widespread harm. The Cyber Action Plan addresses these risks head-on, ensuring that digital transformation is matched by strong protection.
The plan coincides with the Cyber Security and Resilience Bill’s Second Reading in the House of Commons, which sets clear expectations for firms providing services to government — from energy and water suppliers to healthcare and data centres — to strengthen cyber resilience across supply chains.
- Clearer visibility of risks: Identifying and prioritising cyber vulnerabilities across government.
- Stronger central action: Coordinated response to severe, complex risks that no single department can tackle alone.
- Faster incident response: Mandating robust response arrangements to minimise harm and speed recovery.
- Higher resilience at scale: Closing major gaps and protecting critical services nationwide.
The plan also introduces a Software Security Ambassador Scheme to promote the Software Security Code of Practice, reducing supply chain attacks. Industry leaders including Cisco, Palo Alto Networks, Sage, Santander and NCC Group will champion best practices and showcase implementation.
With 59% of organisations reporting software supply chain attacks in the past year, embedding secure coding standards is vital to protect essential services and the economy.
Ian Murray, Digital Government Minister, said:
“Cyber-attacks can take vital public services offline in minutes – disrupting our digital services and our very way of life.
“This plan sets a new bar to bolster the defences of our public sector, putting cyber-criminals on warning that we are going further and faster to protect the UK’s businesses and public services alike.
“This is how we keep people safe, services running, and build a government the public can trust in the digital age.”
The £210 million investment will fund minimum security standards, hands-on support for departments, and accountability measures to fix vulnerabilities quickly. These actions aim to deliver secure, reliable digital services that protect citizens, support economic growth, and maintain trust.
Image credit: iStock
