.jpg?lu=468)
07 January 2026
The UK Government has unveiled a significant new Cyber Action Plan aimed at enhancing the security and resilience of online public services, including benefits, tax, and healthcare systems. 
Backed by £210 million and spearheaded by a dedicated Government Cyber Unit, the plan adopts a coordinated strategy to combat the rising tide of cyber threats targeting government operations, ensuring citizens' data and services remain protected and trustworthy.
This initiative aligns with the UK’s broader digital transformation agenda, which seeks to expand access to online services, reduce administrative burdens, and unlock up to £45 billion in productivity gains across the public sector. By fortifying cyber defenses, the government aims to prevent disruptions that could have severe impacts on vital services.
Digital Government Minister Ian Murray emphasized the urgency: “Cyber-attacks can take vital public services offline in minutes – disrupting our digital services and our very way of life. This plan sets a new bar to bolster the defenses of our public sector, putting cyber-criminals on warning that we are going further and faster to protect the UK’s businesses and public services alike. This is how we keep people safe, services running, and build a government the public can trust in the digital age.”
The plan responds to the persistent high level of cyber risks facing the public sector, with investments to hold organizations accountable for addressing vulnerabilities and strengthening defenses. Andy Ward, SVP International at Absolute Security, highlighted the severity: “59% of CISOs already see cyber threats as the biggest risk facing the UK, surpassing AI and other risks, with a 50% rise in significant attacks over the past year. Resilience must be at the forefront—organisations need to embed cyber resilience into their core operations to detect threats, manage disruptions, and recover swiftly.”
Sawan Joshi, Group Director of Information Security at FDM Group, added: “The UK is experiencing four ‘nationally significant’ cyber-attacks every week, according to the NCSC. In this escalating threat landscape, both government and business must act decisively. Ensuring public service security is vital, but true resilience also depends on continuous staff training and sustained investment in developing future cyber talent.”
Ultimately, the government’s focus on cyber resilience underscores its commitment to delivering secure, reliable digital public services—protecting citizens, supporting economic growth, and maintaining public trust in the digital age.
