The United Kingdom has announced a new cybersecurity strategy, backed by more than £210 million ($283 million), to boost cyber defenses across government departments and the wider public sector.
The new measures are part of the Government Cyber Action Plan that establishes a dedicated Government Cyber Unit to coordinate risk management and incident response, aiming to make online public services more secure for citizens accessing benefits, healthcare, and tax systems.
“Cyber-attacks can take vital public services offline in minutes – disrupting our digital services and our very way of life,” said Digital Government Minister Ian Murray on Tuesday.
“This plan sets a new bar to bolster the defences of our public sector, putting cyber-criminals on warning that we are going further and faster to protect the UK’s businesses and public services alike.”
The plan includes establishing minimum security standards, improving visibility of cyber risks across government, and requiring departments to maintain robust incident response capabilities.
A new Software Security Ambassador Scheme will promote best practices, with multiple major firms, including Cisco, Palo Alto Networks, Sage, NCC Group, and Santander, joining the effort as ambassadors.
The U.K.’s £210 million plan to strengthen the public sector cybersecurity follows new legislation that aims to boost defenses for hospitals, energy systems, transport networks, and water supplies against cyberattacks.
Earlier this year, the U.K. also announced plans to ban public-sector and critical infrastructure organizations from paying ransoms following ransomware attacks.
The Cyber Security and Resilience Bill (introduced in the U.K. Parliament on November 12) builds upon the 2018 Network and Information Systems (NIS) Regulations and should lead to a fundamental overhaul of Britain’s approach to protecting essential services.
As the government explained at the time, the bill addresses growing cyber threats that had led to the compromise of Ministry of Defence payroll systems and caused major NHS disruptions affecting over 11,000 medical appointments.
More recently, in November, Britain’s largest mobile carriers also committed to upgrading their systems to eliminate scammers’ ability to spoof phone numbers within a year under a new partnership with the government aimed at combating fraud.
7 Security Best Practices for MCP
As MCP (Model Context Protocol) becomes the standard for connecting LLMs to tools and data, security teams are moving fast to keep these new services safe.
This free cheat sheet outlines 7 best practices you can start using today.
