A report from the United Kingdom’s Public Accounts Committee has revealed that the nation’s cybersecurity strategy is no longer effective against the capabilities of malicious actors and foreign adversaries. The committee, appointed by the House of Commons, reviews government spending to ensure that taxpayers’ money is used to enhance public services.
The report highlights that the government’s cyber resilience has not met its target levels because various departments have underestimated the severity of existing threats. It points out that 319 legacy systems are still in use across the British government, which accounts for 28 percent of the total IT infrastructure in the public sector. As of January, these systems have been classified as “red-rated,” indicating a 25 percent likelihood of being targeted by cyberattacks.
The PAC report also suggests that the Government Security Group in the Cabinet Office is projected to fall short of its objectives by the end of 2025. The committee emphasizes the need for this office to strike the right balance between supporting agencies, holding departments accountable and enhancing its efforts on behalf of the government.
PAC Chair Geoffrey Clifton-Brown noted that some British government agencies are beginning to recognize the increasing number of cyber threats, particularly in light of the attack that targeted the British Library.
“If the government is to meet its own ambition to harden resilience in the wider public sector, a fundamental step change will be required,” the official said. “This will involve infusing every top team with the required digital expertise, with cyber and digital specialists at the top level of every department, both management and boards, to bring about a change in thinking throughout the civil service for greater threat awareness and digital transformation.”
Join us at the Potomac Officers Club’s 2025 Cyber Summit on Thursday, an event that will gather government, military and industry leaders to discuss current threats, cyber policies and workforce challenges. Register now.