15 December 2025

The research, conducted in partnership with Positive, surveyed 300 IT decision-makers across national government, local authorities, emergency services, and educational institutions.

The findings reveal that educational institutions are primarily worried about insider threats, a concern driven by their diverse user base that includes younger students, external stakeholders, and frontline staff under significant pressure. Emergency services, which rely heavily on operational technology and play a critical role in national infrastructure, see their biggest risk in supply chain vulnerabilities. Local government IT teams are most concerned with social engineering tactics such as phishing and vishing, with nearly half (44%) citing these as their top threats. In contrast, national government IT personnel are taking a longer-term view, with 39% expressing concern over a shortage of skilled cybersecurity professionals.

These differing priorities highlight the complexity of safeguarding public services, especially as IT leaders grapple with budget constraints, legacy system modernization, and internal resistance to change. While recent ransomware incidents have heightened awareness around recovery efforts, there is now a growing focus on boosting detection and prevention capabilities to build genuine cyber resilience. Many public sector organisations are also exploring the use of artificial intelligence to speed up data integrity testing, although questions remain about its effectiveness in simulating real-world recovery scenarios.

“Cybersecurity across the UK public sector is at a critical juncture. From frontline services to central government, IT leaders must adapt their strategies to meet the unique challenges they face — all while navigating tight budgets and the push to adopt new technologies,” said Fraser Hutchison, Vice President for Northern Europe at Cohesity.