The UK government has announced significant advancements in its cybersecurity efforts, reporting a 75% reduction in its backlog of critical vulnerabilities and an 87% decrease in the time taken to fix cyber-attacks.
In a recent update, the government revealed that major security flaws in public sector websites are now addressed six times faster, reducing the average resolution time from nearly two months to just over a week. This improvement follows the implementation of a specialized vulnerability monitoring service (VMS), which was introduced as part of a strategy outlined in a policy paper on modern digital government released on January 21.
The VMS, developed by the Department for Science, Innovation and Technology (DSIT), employs both commercial and proprietary scanning tools to assess internet-facing assets across the public sector.
The initiative specifically targets vulnerabilities related to Domain Name System (DNS) issues, which can enable attackers to redirect users to fraudulent websites, steal sensitive information, or completely take services offline.
Prior to the establishment of the VMS, flaws in government DNS records could remain undetected for nearly two months. Now, the service has managed to reduce this window to just eight days. The VMS promptly alerts relevant personnel, providing clear guidance on resolving issues while tracking progress until each problem is fully addressed.
Currently, the VMS continuously scans about 6,000 UK public sector entities, identifying around 1,000 different types of cyber vulnerabilities.
Government to Attract Cyber Talent to Keep UK Safe Online
Additionally, Minister for Digital Government Ian Murray has launched a new initiative aimed at attracting and developing cyber talent within the government. This Cyber Profession initiative is a collaboration between DSIT and the UK's National Cyber Security Centre (NCSC).
The initiative plans to introduce a competitive total employee offer, establish a dedicated Cyber Resourcing Hub to facilitate recruitment, and create a clear career framework in alignment with professional standards set by the UK Cyber Security Council.
Moreover, the Cyber Profession will feature a government Cyber Academy focused on training and development, along with a new apprenticeship program designed to cultivate future talent and structured career pathways to enhance long-term capabilities within the public sector.
The North West region will serve as a central hub for this profession, leveraging Manchester’s expanding digital ecosystem and the upcoming government Digital Campus.
“As our public services continue to innovate, it is vital that they remain resilient to evolving threats and that vulnerabilities are effectively managed to minimize disruption,” said Murray.
He added, “The government Cyber Action Plan is a crucial step in fortifying cyber defenses across our public services, and the launch of the government Cyber Profession today will help attract and retain the most talented professionals with the essential skills needed to keep the UK safe online.”
Under the Cyber Action Plan, which was initiated on January 6, 2025, the UK government has earmarked £210 million (approximately $285 million) to enhance its cybersecurity standards.
