A report by MPs from the Commons Public Accounts Committee reveals that the UK government is struggling to safeguard public sector data and infrastructure from growing cyber threats.
The report calls for a new approach to combat cyberattacks, citing weak government IT systems. It’s estimated that 28% of public sector IT systems are legacy systems, many of which are outdated and vulnerable to attacks. The government aims to secure these systems by 2030, though some departments still use unsupported software like Windows 3.1.
Sir Geoffrey Clifton-Brown MP expressed concern over the lack of digital expertise at top levels of government, urging greater hiring practices and transformation within departments to improve resilience.
The report also highlights the challenge of attracting skilled cybersecurity professionals, as the government struggles to compete with higher private sector salaries. Cyber incidents have sharply increased, with phishing and ransomware attacks making up the majority.
Private companies are spending significantly more on cybersecurity, with £34 billion spent annually, compared to the government’s efforts.
In response, the government pointed to recent initiatives, including CHERI technology and the upcoming Cyber Security and Resilience Bill, aimed at improving protection for critical infrastructure.
