In the United Kingdom (UK), cyberattacks continue to have serious consequences for government organisations, public services and people’s lives, undermining the value for money of government expenditure in affected services and systems. 

    The cyber threat to the government is severe and advancing quickly. In response, the Cabinet Office has published and started leading work to implement the first cyber strategy for government. 

    However, progress is slow and cyber incidents with a significant impact on government and public services are likely to happen regularly, not least because of the growing cyber threat. The government’s cyber resilience levels are lower than it previously estimated. The resilience of the hundreds of ageing legacy IT systems that departments still use is likely to be worse. 

    To avoid serious incidents, build resilience and protect the value for money of its operations, government must catch up with the acute cyber threat it faces. The government will continue to find it difficult to do so until it successfully addresses the longstanding shortage of cyber skills, strengthens accountability for cyber risk, and better manages the risks posed by legacy IT. 

Internet: < nao.org.uk> (adapted).