The UK Government has published a new Government Cyber Action Plan backed by more than £210 million in funding, aiming to enhance cybersecurity across public services, improve incident response and sustain trust in digital government.
The Government Cyber Action Plan outlines how ministers intend to meet a growing range of online risks as more public services move online – from benefit applications and tax services to healthcare platforms – with strengthened defences and clearer accountability across government.
Central to the plan is the establishment of a Government Cyber Unit tasked with coordinating risk management and incident response across departments and the wider public sector. Government said the unit will help ensure that cyber risks are monitored, reported and acted upon quickly, with more robust incident response arrangements to minimise harm and speed recovery when threats emerge.
Digital Government Minister Ian Murray said the initiative “sets a new bar to bolster the defences of our public sector, putting cyber-criminals on warning that we are going further and faster to protect the UK’s businesses and public services alike.”
If you liked this content…
Biggest cyber threat coming from inside the house
From pay-and-chase to prevention-by-design: How government can tackle fraud
Ransomware has changed – and so must public sector organisations
Applying AI in IAM? “Proceed with caution” prompt with context
Agentic AI raises national resilience questions for governments and enterprises
Strengthening resilience and public confidence
Measures in the plan aim to:
- Improve visibility of cyber risks across government departments and services.
- Enable faster response to threats and incidents through stronger central coordination and robust incident response protocols.
- Close resilience gaps in critical systems and services.
The action plan also introduces a Software Security Ambassador Scheme designed to promote best practice in tackling software supply chain attacks – a growing area of risk for both the public and private sectors. Under the scheme, leading firms with strong cybersecurity track records will champion adoption of the Government’s Software Security Code of Practice and feed back practical insights to support future policy development.
Aligning with broader cyber policy
The launch of the Cyber Action Plan coincides with the second reading of the Cyber Security and Resilience Bill in the House of Commons, which will set clearer expectations for firms providing services to government to boost their resilience against attacks.
The plan forms part of a broader UK cybersecurity framework spanning the Government Cyber Security Strategy 2022–2030, which seeks to strengthen public sector resilience and ensure core government functions are protected from evolving cyber threats.
