The government is introducing cyber measures aimed at improving the security and resilience of online public services, including health and social care.
Driven by a new cyber unit, the ‘Government Cyber Action Plan‘, published on 6 January 2026, is backed by more than £210 million, to help meet online threats as the government digitises public services.
The plan is intended to enable clearer visibility of risks, stronger central action on the toughest challenges, faster response to threats and incidents, and high resilience across government.
Ian Murray, digital government minister, said: “Cyber attacks can take vital public services offline in minutes – disrupting our digital services and our very way of life.
“This plan sets a new bar to bolster the defences of our public sector, putting cyber-criminals on warning that we are going further and faster to protect the UK’s businesses and public services alike.
“This is how we keep people safe, services running, and build a government the public can trust in the digital age.”
The NHS has been hit by multiple cyber attacks over the past few years including a major attack on pathology supplier Synnovis in 2024, which disrupted services across London and led to a patient death and at least two cases of severe patient harm.
Other organisations to be affected by cyber incidents include Barts Health NHS Trust, GP software supplier DXS International, and Ivanti, which provides mobile phone software to University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust,
The Cyber Action Plan says: “The cyber attack on Synnovis, which halted blood testing and forced the cancellation of surgeries across London, demonstrated how quickly a digital disruption can escalate into a major healthcare emergency.
“Similarly, ransomware incidents affecting local councils have incapacitated social care systems, leaving frontline workers unable to access vital information to protect vulnerable individuals.
“These failures are not hypothetical risks, they are recurring realities that result in service breakdown, harm to the public and erosion of trust in these services by the communities who rely on them.”
Under the plan, the government aims to have established the Government Cyber Unit by April 2027, which will set targets and standards for government organisations and direct action across government in response to fast-moving cyber events.
The next phase will involve scaling and leveraging the new model by April 2029, which will use government-wide cyber risk visibility to make data-driven decisions, delivering a pipeline of cyber support and services to help government departments, and scale response and recovery capability to address concurrent major cyber events.
From April 2029 onwards, the model will be used to continuously improve government-wide cyber security and resilience by “enabling decision-making and prioritisation at all levels of government through sharing central cyber data insights, including evidence-based investment in cross-government platforms, services and infrastructure to address critical risks”.
Meanwhile, the Cyber Security and Resilience Bill, which sets out expectations for firms providing services to government to boost their cyber resilience, has had its Second Reading in the House of Commons.
The post Cyber plan launched to improve security of online public services first appeared on TechToday.
This post originally appeared on TechToday.