In 2022, the Government set itself a target for critical functions to be significantly hardened to cyber-attack by 2025. It also aims for the whole public sector to be resilient to known vulnerabilities and attack methods by 2030 at the latest. Alongside a recognition that there is a significant gap between cyber resilience levels currently and where they needed to be, Government also made a commitment to invest £2.6bn in cyber and ageing IT systems over three years.
The PAC will be scrutinising the issue of cyber resilience through the lens of wider work on Government’s resilience to major disruptive events. Its 2023 report on digital transformation in Government found that Departments were constrained in what they could pay and, while they try to offer more for specialist roles, could not fully compete with the private sector in hard-to-recruit roles such as data architects and cyber security experts.
The National Audit Office’s (NAO) 2025 report on Government cyber resilience examined Government’s efforts to improve its cyber resilience to meet the challenges of the changing cyber threat landscape. Based on the NAO report, the PAC will hear from senior officials including from the Cabinet Office and Government Security Group on topics including:
- Plans to maintain and improve resilience; and
Please look at the requirements for written evidence submissions and note that the Committee cannot accept material as evidence that is published elsewhere.
The deadline for submitting written evidence is Wednesday February 19 at 23:59pm.