Sir Geoffrey Clifton-Brown, chairman of the PAC, has emphasized the need for government departments to recognize the seriousness of the cyber threat and to enhance resilience in public sector systems.

In response to these threats, the government has announced initiatives to bolster cybersecurity, including the rollout of CHERI technology, which aims to prevent up to 70% of common cyber attacks.

The PAC has called for a comprehensive audit of IT systems by the Cabinet Office to address identified vulnerabilities and improve overall cybersecurity.

The report stresses the need for a new approach to ensure that the public sector is resilient to cyber threats by the year 2030.

A recent report by the Public Accounts Committee (PAC) has revealed that the UK government's cyber defenses are inadequate in the face of evolving threats from hackers.

The report, published on May 9, 2025, highlights a significant shortage of technical cyber skills within the government and a lack of prioritization for cybersecurity.

High-profile cyber attacks on UK retailers such as Marks & Spencer and Co-op have underscored the urgency for businesses to enhance their cyber defenses, prompting Chancellor Pat McFadden to announce a £16 million investment in cybersecurity.

Government estimates indicate that 28% of public sector IT consists of vulnerable 'legacy' systems, contributing to significant gaps in cybersecurity responses.

Recent hacking incidents, including a ransomware attack on the British Library in 2023 that cost approximately £7 million to resolve, illustrate the pressing need for improved cybersecurity measures.

Additionally, plans to introduce a Cyber Security and Resilience Bill to Parliament later this year are intended to further protect critical infrastructure and the digital economy.

The report warns that hostile states and cyber criminals have developed capabilities that can disrupt public services and critical national infrastructure more swiftly than the government has anticipated.

The government struggles to attract top cybersecurity talent due to uncompetitive salaries, which has led to a reliance on costly contractors.