What's Happening?
The Department for Science, Innovation and Technology has unveiled a new Government Cyber Action Plan aimed at bolstering the cybersecurity of public services. This initiative includes the establishment
of a specialist unit, backed by over £210 million in funding, to ensure public services are secure and resilient. The plan outlines a strategic framework to improve the technical security of the public sector, including revamping the civil service profession for cyber experts and developing detailed plans to enhance security. The new Government Cyber Unit will work closely with Whitehall departments, devolved administrations, and the National Cyber Security Centre to implement the plan across five key areas: support, services, response and recovery, skills, and accountability. The initiative aims to address severe and complex cyber risks, improve responsiveness to fast-moving events, and increase government-wide cyber resilience.
Why It's Important?
The launch of the Government Cyber Unit is a significant step in strengthening the cybersecurity infrastructure of public services, which is crucial for maintaining public trust and protecting critical national infrastructure. By investing in cybersecurity, the government aims to prevent disruptions to essential services and safeguard sensitive information. This initiative is expected to enhance the UK's ability to respond to cyber threats and improve the overall resilience of public services. The focus on developing a skilled cyber workforce through career pathways and apprenticeships will also help address the shortage of cybersecurity professionals, ensuring that the UK remains competitive in the global digital economy. The plan's emphasis on accountability and governance will provide a structured approach to managing cyber risks across government departments.
What's Next?
The implementation of the Government Cyber Action Plan will occur in three phases: building, scaling, and improving. The initial 'building' phase, running until April 2027, will focus on establishing the Government Cyber Unit and setting up central services and support functions. The subsequent 'scaling' phase will involve expanding cyber support and services, enhancing response capabilities, and developing learning pathways for high-risk cyber specialisms. The final 'improving' phase, starting in April 2029, will aim to enable decision-making through shared cyber data insights and invest in cross-government platforms to address critical risks. Departments will be expected to proactively manage cyber risks across their supply chains, supported by central management of strategic suppliers.
