The UK government has cut the time it takes to address major cybersecurity issues across Britain’s public services by 84 per cent, as part of a wider push to harden critical systems and build a professional cyber workforce, it said on Friday.
According to new figures from the government, the average time to fix critical cyber weaknesses in public services has dropped from 50 days to just eight, while the backlog of unresolved issues is now 75 per cent smaller.
At the centre of this improvement is the Vulnerability Monitoring Service (VMS), a capability within the government’s Blueprint for Modern Digital Government and £210 million Cyber Action Plan. The VMS now continuously scans around 6,000 public sector bodies and is resolving roughly 400 confirmed vulnerabilities every month, significantly narrowing the window in which attackers can exploit flaws.
Powered by commercial and proprietary cyber threat detection tools, VMS is capable of tracking cybersecurity issues impacting internet services provided by the UK public sector from remediation to completion. Actionable advice is also sent to key stakeholders at impacted public sector organisations.
According to government officials, the system prevents cyber criminals from disrupting the digital services provided by UK public sector organisations, stealing personal data and directing customers to dodgy sites. The NHS and the Legal Aid Agency are two public sector bodies that have benefited from this protection.
Looking to protect the UK public sector from future cyber threats, the government has announced a dedicated programme for attracting, training and retaining highly skilled cybersecurity professionals.
Called Cyber Profession, it’ll comprise a cybersecurity training academy, apprenticeships, career pathways and a dedicated resource hub. The latter will be located in Manchester and other parts of the North West of England. It’ll be tasked with making UK public services more resilient amid a fast-expanding cyber threat landscape and supporting economic progress in the region’s tech sector.
Commenting on the announcement, Ian Murray – the minister for digital government – warned that cyber attacks are no longer “abstract”. He said they’re already disrupting UK public services, such as NHS appointments, and threatening the sensitive data of UK citizens.
While technological advancements like the VMS are helping to reduce this risk, Murray said they’re not “enough”on their own. That’s why the government has announced investment in homegrown cyber talent.
He added: “Today I’m launching a new government Cyber Profession to attract and develop the talented people we need to stay ahead of increasingly sophisticated threats – making government a destination of choice for cyber professionals who want to protect the services that matter most to people’s lives.”
