The UK government has launched a 210 million Cyber Action Plan to strengthen cybersecurity for online public services, including benefits, taxes, and healthcare, aiming to improve security and resilience.

Critics say private sector entities that run substantial parts of critical infrastructure may be overlooked, urging incident response and resilience efforts to span both public and private sectors.

A central feature is the creation of a Government Cyber Unit to oversee cyber risk management and incident response across departments, improve visibility into risks, and coordinate faster recovery.

Recent high-profile incidents at Jaguar Land Rover, Marks & Spencer, and Harrods illustrate the cost and impact of cyberattacks on major firms.

A Software Security Ambassador Scheme will promote the Software Security Code of Practice to reduce software supply chain attacks, with ambassadors including Cisco, Palo Alto Networks, Sage, Santander, and NCC Group.

The scheme aims to encourage secure software development practices across industries, with leading tech and financial firms helping share insights and inform policy improvements.

The new Government Cyber Unit will drive cross-departmental collaboration, boost digital resilience, and ensure critical services remain online and secure for citizens accessing online public services.

Observers caution that funding alone won’t fix legacy systems, fragmented estates, and supply chain vulnerabilities, underscoring the need for comprehensive risk mapping and patching across contractors and suppliers.

Industry expert notes 2025 was severe for cyber defence and predicts 2026 could be worse due to AI-enabled attacks, slow adoption of stronger authentication, and rising ransomware payouts.

The ambassador scheme seeks to reduce software supply chain risks by promoting adoption of the Software Security Code of Practice in partnership with major tech and financial firms.

The government notes software weaknesses can disrupt supply chains and essential public services, citing that 59% of organisations faced software supply chain attacks in the past year.

Experts warn about prompt injection risks with LLM-integrated systems, predicting a turning point with material breaches and urging model-signing and treating small models like firmware as essential controls.