Cyber action plan aims to bolster resilience of public services

Driven by a new Government Cyber Unit, the plan will rapidly improve cyber defences and digital resilience across government departments and the wider public sector, so people can trust that their data and services are protected.
It underpins UK Government plans to digitise public services. This will make more services accessible online, reduce time spent on phone queues and paperwork, and enable citizens to access support without repeating information across multiple departments. This approach could unlock up to £45 billion in productivity savings by using technology effectively across the public sector.
However, realising these benefits depends on trust. As services move online, they must be secure and resilient. Cyber attacks can take vital public services offline in minutes, disrupting lives and undermining confidence. The new plan addresses this challenge head-on.
The plan is released as the Cyber Security and Resilience Bill has its Second Reading in the House of Commons. The Bill sets out clear expectations for firms providing services to government to boost their cyber resilience. From energy and water suppliers to healthcare and data centres, strong defences throughout supply chains will help keep the water running and the lights burning - facing down the cyber attackers who want to grind our country to a halt.
The plan will lead to:
- clearer visibility of risks: shining a light on cyber and digital resilience risks across government, so we can focus efforts where it matters most
- stronger central action on the toughest challenges: taking decisive, joined-up action across departments on severe and complex risks that no single organisation can solve alone, with a dedicated team overseeing coordination
- faster response to threats and incidents: reacting quickly to fast-moving cyber threats and vulnerabilities to minimise harm and speed up recovery, by requiring departments to have robust incident response arrangements in place
- higher resilience across government: boosting resilience at scale, with targeted measures to close major gaps and protect critical services
Digital Government Minister Ian Murray said: "Cyber-attacks can take vital public services offline in minutes – disrupting our digital services and our very way of life.
"This plan sets a new bar to bolster the defences of our public sector, putting cyber-criminals on warning that we are going further and faster to protect the UK’s businesses and public services alike.
"This is how we keep people safe, services running, and build a government the public can trust in the digital age."
Today’s plan is also bolstered by further steps to take the UK’s cyber defences further and faster.
A new Software Security Ambassador Scheme will now help drive adoption of the Software Security Code of Practice - a voluntary project designed to reduce software supply chain attacks and disruption.
Software underpins the economy as a core component of all technologies that businesses rely on. Yet weaknesses in software can cause severe disruption to supply chains and the essential services the public use every day, with more than half (59%) of organisations experiencing software supply chain attacks in the past year.
These issues can be addressed by embedding basic software security practices across the software market. Among others, Cisco, Palo Alto Networks, Sage, Santander and NCC Group will come on board as the scheme’s ambassadors, championing the Code across sectors, showcasing practical implementation, and providing feedback to inform future policy improvements.
Cyber risk to the public sector remains high. The plan responds with £210 million to spark a step change in public sector cyber defences, holding organisations to account for fixing vulnerabilities. This includes setting clear minimum standards and investing in more hands-on support to minimise the impact when incidents do occur.
Cyber resilience is central to the government’s mission of national renewal. Secure, reliable digital public services help protect citizens, support growth and deliver better value for taxpayers, while maintaining trust in the services communities rely on every day.
Thomas Harvey, Chief Information Security Officer (CISO), Santander UK said: "We are pleased to be an ambassador for the UK government’s Software Security Code of Practice and it reflects our broader commitment to collective resilience. By advocating for these standards we’re not just protecting Santander and our customers, we are helping to build a more secure digital economy for everyone."
Jason Soroko, Senior Fellow at Sectigo and Security Technology Innovator Executive, said: "For cyber attacks, 2025 was brutal. Twenty twenty-six will be worse. Attackers now deploy AI at a speed defenders simply haven’t matched. It’s an asymmetry that widens by the month. Defenders have been slow to uptake stronger authentication, which is like failing to better locks on the doors. The attackers take advantage of this. Passwordless systems matter more than ever but the difficulty in using passkeys in centralised enterprise environments leaves gaps everywhere. Ransomware payouts climb, attack surfaces expand and defenders can’t keep pace. Without coordinated vendor collaboration, the curve bends in the wrong direction.
"Twenty twenty-six will mark a milestone no one wants: the first publicly acknowledged Fortune 500 material breach caused by prompt injection. Companies will deploy LLM-integrated systems without guardrails, and adversaries will discover how to coerce those models into executing harmful internal commands or leaking sensitive data. The industry is still treating prompt injection like a clever party trick rather than a security class. It’s not. Even without 'attacking the model', attackers will weaponise its instructions. And organisations still aren’t ready. Model-signing and treating small models like firmware will emerge as essential controls."