UK government investing millions to improve its own cybersecurity

Westminster says it is to invest a total of £2.6 billion in cyber and legacy IT as part of the 2021 Spending Review

Posted 28 October 2021 by Christine Horton

The UK government says it is to invest £2.6 billion in cyber and legacy IT, with an emphasis on improving its own cybersecurity.

Revealed in the 2021 Spending Review and Autumn Budget, the government says this is in addition to the funding agreed for the National Cyber Force.

A priority, says the government, is modernising HMRC’s IT systems and improving the quality, resilience and security of its digital services. It announced investment of £468 million over the next three years, building on the £98 million allocated in 2021-22.

It says it wants to reduce the risk of system failures, enhance the department’s ability to defend against cyberattacks and support the continued digitisation and modernisation of the tax system.

HMRC reported a 75 percent increase in email attacks during COVID-19. It also came under fire for 11 ‘serious’ personal data breaches affecting more than 20,000 people.

Westminster says it will also provide £277 million “to transform the way HMRC procures IT services, creating more opportunities for smaller businesses to compete for contracts and delivering greater technological innovation.” This builds on the £135 million allocated in 2020.

Elsewhere, the government has announced £37.8 million of funding for councils and local authorities to invest in cybersecurity, protecting services and data. Together with funding announced in the 2020 Spending Review, this will bring the total funding for cyber to £85.8 million.

The government additionally outlined a £114 million increase in the National Cyber Security Programme, enabling the UK to keep adapting, innovating and investing “to maintain and extend its competitive edge as a responsible, democratic cyber power.”

The government says it will shortly publish further details on the strategy for cyber, which we hope will be covered in our December conference Think Cybersecurity for Government on the 9th.