Department for Science, Innovation & Technology

Government is committed to delivering gigabit coverage to 99% of UK premises by 2032 and will continue to consider what it can do to further enable alternatives to fibre connections for premises located in very hard-to-reach areas.

The Government also works closely with Ofcom to ensure that spectrum management and licensing arrangements support the deployment of satellite broadband services, including through appropriate authorisation of satellite networks and earth stations.

The Government Alpha trials, which ended in March 2025, tested the capability of Low Earth Orbit (LEO) satellite technology to deliver high-speed, low-latency connectivity in remote locations. The Government also ran a pilot through the Rural Connectivity Accelerator which combined satellite and wireless technologies to support connectivity needs in remote areas.

The satellite market is developing at pace, with further entrants and significant changes to terminal equipment, speeds and the cost of service packages. We continue to monitor and support the development of this market.

The Government Digital Service is implementing the Algorithmic Transparency Recording Standard (ATRS), which provides a standardised way for departments and arm’s length bodies to publish information about algorithmic tools they use that significantly influence decisions or interact with the public. ATRS records are published in a central repository on GOV.UK, and more records are being added regularly as part of a phased mandatory rollout across government, providing a cross‑government mechanism to maintain and expand transparency over these systems.

The Online Safety Act updated Ofcom’s statutory duty to promote media literacy, including by raising awareness and understanding of misinformation and harmful content, especially where it affects vulnerable groups. The Secretary of State maintains regular, constructive engagement with Ofcom on delivery of its obligations.

Both Ofcom and DSIT are taking steps to improve media literacy among parents and carers and are working closely to ensure our approaches are complementary.

Supporting parents and children is central to our media literacy approach. On 10 February, DSIT launched a pilot media literacy communications campaign to give parents tools to help children build resilience and critical thinking skills online. A new Online Safety hub, developed with DfE, will provide everyone in the UK with clear guidance on media literacy and online safety.

Under the Online Safety Act, Ofcom has a media literacy strategy that prioritises support for children and families, especially those with additional needs.

In formal education, the Department for Education has committed to strengthening media literacy in the updated national curriculum.

In December, UK Research and Innovation (UKRI) set out how it will deliver its record £38.6 billion funding allocation over the next four years. This is part of the largest ever investment in R&D made by any UK government (£86 billion up to 2029/30) and will help drive new scientific breakthroughs, help create new industries and grow businesses faster, and deliver the growth we need for good jobs and better lives.

The Department for Science, Innovation and Technology (DSIT) has been in active dialogue with UKRI to ensure that any implications from funding decisions are fully understood and that they reflect both the UK’s strategic research priorities and its global commitments. DSIT has asked UKRI to ensure that its final allocations are informed by meaningful consultation with the research community and a robust assessment of potential consequences for the UK’s scientific capability.

We recognise that AI is transforming workplaces, demanding new skills and augmenting existing roles, although the future scale of change remains uncertain. This Government is planning against a range of plausible outcomes to ensure workers continue to have access to good, meaningful employment.

To support this work, the Government has established a new Future of Work Unit in DSIT. The Unit will provide robust analysis and evidence on the impact of AI on the labour market and will coordinate action across government, ensuring our principles are delivered through practical help and support for workers and employers.

At the same time, AI presents significant opportunities for the labour market. Around 35% of UK jobs predicted to benefit from productivity gains through AI adoption. Through the AI Opportunities Action Plan, we have committed to upskilling 10 million workers in essential AI skills by 2030. This will support workers to adapt and thrive in workplaces where AI tools are increasingly widespread.

The Government is putting technology at the heart of our mission to grow the UK economy.

We are launching a £250 million procurement to expand the AI Research Resource, giving UK researchers and businesses free access to cutting‑edge compute so every region can benefit from nationwide innovation.

The Government is also expanding access to free AI skills training, available to all adults across the UK, that aims to equip 10 million workers with practical AI skills by 2030, ensuring people and businesses in every region can take advantage of new technologies.

Alone, Leicester City Council received £35,391.97 from the Digital Inclusion Innovation Fund for its ‘Let’s Get Digital’ project, which will help 150 peoples, this will build digital confidence for social inclusion, reducing service dependency and improving economic outcomes.

The Government is also supporting UK medicine and med‑tech manufacturing through the £520 million Life Sciences Innovative Manufacturing Fund, bringing high‑value jobs to regions like the East Midlands, strengthening supply chains, and securing over £30 million of new investment.

The Government aims for the UK to be a global leader in AI, using our strengths in financial services and AI to boost growth, productivity and consumer benefits. Safe adoption is central to this.

Organisations must handle personal data fairly, lawfully, transparently and securely, with individuals retaining rights such as access, correction and deletion.

The Financial Conduct Authority is also acting in this space, including publishing guidance for consumers on using AI tools for investment research and highlighting risks like inaccurate or outdated information.

The FCA’s Supercharged Sandbox and AI Live Testing service give firms access to computing, data and safe real‑world environments to support responsible AI use in UK financial markets.

More broadly, the Government recognises that people often lack the support they need when making financial decisions. To improve this, we are introducing a new targeted support regime enabling trusted firms to suggest suitable products or actions based on a customer’s circumstances. Targeted Support will launch in April 2026.

The advert for applications was launched on 17 November 2025, with a deadline of 18 December 2025. On 17 December, the application deadline was extended until 5 January 2026, and the advert on gov.uk was amended to reflect this change.

The Government is committed to ensure that any risks arising from the industry-led migration of the analogue Public Switched Telephone Network (PSTN) to digital Voice over Internet Protocol (VoIP) are mitigated for all customers across the UK.

Government secured safeguards for customers through the PSTN Charter in December 2023 and the Non‑Voluntary Migrations Checklist in November 2024. Major communication providers committed to a number of measures to protect customers, including signing data sharing agreements with local authorities to identify telecare customers, timely and repeated communications, a free engineer visit, and a battery back-up solution, if needed.

In addition to existing safeguards, any vulnerable customers (including the elderly) can self-identify to receive additional support from their provider as set out in the GOV.UK Supported Journeys Guidance when their landline is upgraded.

The Government is committed to ensure that any risks arising from the industry-led migration of the analogue Public Switched Telephone Network (PSTN) to digital Voice over Internet Protocol (VoIP) are mitigated for all customers across the UK.

Government secured safeguards for customers through the PSTN Charter in December 2023 and the Non‑Voluntary Migrations Checklist in November 2024. Major communication providers committed to a number of measures to protect customers, including signing data sharing agreements with local authorities to identify telecare customers, timely and repeated communications, a free engineer visit, and a battery back-up solution, if needed.

In addition to existing safeguards, any vulnerable customers (including the elderly) can self-identify to receive additional support from their provider as set out in the GOV.UK Supported Journeys Guidance when their landline is upgraded.

The Government is committed to ensure that any risks arising from the industry-led migration of the analogue Public Switched Telephone Network (PSTN) to digital Voice over Internet Protocol (VoIP) are mitigated for all customers across the UK, including Surrey. There are 3.6 million remaining PSTN lines. Down from over 35 million PSTN lines at the network’s peak.

Communication providers and network operators signed voluntary charters in December 2023 and March 2024, committing to protect consumers during the PSTN switch-off, including the vulnerable. In November 2024, major communication providers agreed to further safeguards. These include timely and repeated communications, signing data sharing agreements with local authorities to identify telecare customers, a free engineer visit, and a battery back-up solution, if needed.

According to Ofcom’s Connected Nations 2025 report, more than 84% of premises in Surrey Heath constituency have access to a gigabit capable connection, slightly below the national average of 86%.

As part of Project Gigabit, Openreach is delivering a contract across Surrey, delivering gigabit-capable broadband to premises not included in suppliers’ commercial rollout plans. Of the approximately 1,950 premises in Surrey Heath constituency included within this contract, approximately 610 have now received access to a gigabit-capable connection.

This Government’s recognise that AI is transforming workplaces, demanding new skills and augmenting existing roles, however the future scale of change remains uncertain.

We are planning against a range of plausible outcomes to ensure workers continue to have access to good, meaningful employment.

To support this, we have established the AI and the Future of Work Unit, which will provide robust analysis and evidence on the impact of AI on the labour market. The Unit will coordinate action across government, ensuring our principles are delivered through practical help and support for workers and employers.

As is the case with all new technologies, AI also presents significant opportunities for the labour market. For example, our AI Growth Zones are creating over 15,000 jobs. We are also providing free AI training for all and will provide 10 million workers with essential AI skills by 2030, with the aim to make the UK the fastest adopting AI country in the G7.

Through these initiatives and others, we will drive economic opportunity and support workers to adapt and thrive in workplaces across the UK, including Surrey and Surrey Heath.

The Government is committed to removing barriers to AI adoption, unlocking new opportunities, and ensuring that equality is embedded at the heart of every mission. We want AI to work for everyone, and that means supporting innovation while ensuring technologies are fair, inclusive and accessible.

We have published Responsible AI in Recruitment guidance which sets out good practice procuring and deploying AI systems for HR and recruitment. This guidance highlights the mechanisms that can be used to ensure the safe and trustworthy use of AI in recruitment.

As highlighted in the AI Opportunities Action Plan: One Year On, we have taken steps to build the AI assurance ecosystem that underpins safe and responsible use of AI. This includes establishing a new Centre for AI Measurement at the National Physical Laboratory, designed to accelerate the development of secure, transparent and trustworthy AI.

Ofcom, as the independent regulator for online safety, publishes information on its website about the enforcement action it takes, including details of the investigations it has opened into potential breaches of online safety duties. As a result of this work, Ofcom has exercised its powers to issue financial sanctions in several cases, with at least one regulated service having already paid its fine.

DSIT regularly engages the Centre for Long-Term Resilience (CLTR), including through their membership of the Engineering Biology Responsible Innovation Advisory Panel. CLTR was invited to present this Cost-Benefit Analysis to DSIT and members of the Advisory Panel in January 2026.

DSIT agrees that synthetic nucleic acids are a core building block of the UK’s bioeconomy and this is why we published voluntary guidance on Synthetic Nucleic Acid Screening in 2024. DSIT continues to monitor uptake of this voluntary guidance and assess its impact and effectiveness.

Improving the cyber security of UK companies is critical to the resilience of our wider economy and is a priority for the government.

The Cyber Security and Resilience Bill will improve UK cyber defences and help protect our essential services. Our product security legislation and cyber security codes of practice are helping to ensure the technology people and businesses use is secure by design. We are also developing and growing the cyber security industrial base and skills pipeline to ensure companies have access to the services and capabilities they need. Together these system-wide measures aim to drive a step change in supporting companies across the economy to improve their cyber resilience.

In addition, the government wrote to the Chairs and CEOs of leading UK companies and asked them to better identify and protect themselves from cyber threats by making cyber a board-level priority by using the Cyber Governance Code of Practice, signing up to the National Cyber Security Centre (NCSC) Early Warning service, and requiring Cyber Essentials in their supply chains.

These actions are relevant to all businesses. To support them further, the government has developed a wide range of free resources, including the Cyber Action Toolkit offering tailored advice for small businesses, and NCSC-certified Cyber Advisors who provide advice and guidance on commercial terms, with SMEs eligible for a free 30-minute consultation.

His Majesty’s Government is implementing artificial intelligence partnerships through a phased, test-and-learn approach that embeds data protection from the outset while testing transformational capabilities before committing significant public funds.

Working with the Commercial Innovation Hub, the Government has developed procurement approaches tailored to AI’s unique characteristics, including the National AI Tender for GOV.UK and the Planning Transformation Accelerator for AI-assisted decision-making, ensuring procurement methods are appropriate for evaluating frontier technologies.

All procurement frameworks require GDPR compliance as a mandatory qualification criterion, with partnerships operating under the UK Data Protection Act 2018 and comprehensive privacy-by-design principles. Pilots are deployed in controlled environments with oversight from departmental information security teams and data protection officers, with government retaining intellectual property ownership to prevent vendor lock-in.

Decisions to scale are contingent on pilots demonstrating measurable user benefits and full compliance with data protection standards through defined evaluation criteria and contractual break clauses, ensuring AI capabilities can be advanced while maintaining robust privacy safeguards.

DSIT and UKRI remain committed to international scientific collaboration, and UKRI’s record £38.6 billion settlement over the Spending Review will support areas including talent, scientific capability and international collaboration, including £14 billion in curiosity-driven research that underpins long-term economic growth.

The Science and Technology Facilities Council (STFC) within UKRI is currently consulting with the scientific community about spending priorities within their settlement ahead of determining final allocations. No final spending decisions have been made.

Due to a rising cost base, choices are required to put the council on a financially sustainable footing. As part of this consultation, STFC is working with the sector to model scenarios for its portfolio in particle physics, astronomy and nuclear physics. The impacts of these different spending scenarios will be considered alongside feedback from the sector when taking final decisions.

UKRI’s CEO Sir Ian Chapman has confirmed that STFC’s core budget will hold relatively flat from £835 million to £842 million over the Spending Review period. Applicant-led research in STFC will increase from £83 million in 2026/27 to £90 million by 2029/30. As legacy commitments/awards come to their conclusion, headroom will also open up for UKRI-funded research and innovation under its government and societal priorities allocation which is open for competition.

Separately, informed by independent expert advice from UKRI’s Infrastructure Advisory Committee in late December, UKRI decided to stop several Infrastructure Fund projects, including some international projects in particle physics. These decisions have enabled UKRI to continue investing in other essential projects that seek to strengthen scientific capability and attract private investment.

DSIT has been in active dialogue with UKRI to ensure that any implications from funding decisions are fully understood and that they reflect both the UK’s strategic research priorities and its global commitments. DSIT has asked UKRI to ensure that its final allocations are informed by meaningful consultation with the research community and a robust assessment of potential consequences for the UK’s scientific capability and international standing.

The Online Safety Act requires in-scope services to prevent all users from encountering illegal suicide and self-harm content, and children from legal content encouraging, promoting, or providing instructions for suicide or self-harm.

The independent regulator Ofcom enforces compliance with the Act. Ofcom’s first investigation under the Act targeted a pro-suicide forum. On 6 January, Ofcom confirmed it has informed the forum provider that Ofcom is working towards issuing a provisional notice of contravention in relation to Act breaches.

Ofcom has also established a dedicated small but risky supervision taskforce, focusing on small services posing the most severe risk of harm.

Gaming platforms that allow users to post or interact, such as Roblox, are in scope of the Online Safety Act. They are required to protect children from illegal and harmful content on their service, including using highly effective age assurance to prevent children encountering the most harmful types of content.

Ofcom is the regulator of the Act and has powers to take robust enforcement action. Ofcom has already used these powers, effectively enforcing against non-compliant services.

We will continue to monitor the effectiveness of the Act, and on 20 January, the government announced a short, swift consultation on further measures to enhance children's wellbeing and ensuring they have a healthy relationship with social media accompanied by a national conversation.

We remain committed to ensuring the trusted and fair use of AI and to facilitating impactful AI adoption across the UK, so that British workers - including those in legal services - can seize the benefits this technology offers.

To support this, the AI Growth Lab will act as a cross‑economy AI sandbox, enabling responsible AI products and services to be deployed under close supervision in live markets. This will drive cross‑economy growth, build trust in new technologies, and create a mechanism for dynamic, evidence‑led regulatory reform.

Alongside this, the Roadmap to Trusted Third‑Party AI Assurance sets out the Government’s ambitions for the UK’s AI assurance market and the immediate actions we are taking to help the sector mature. This includes establishing the £11 million AI Assurance Innovation Fund and convening a national consortium of expert stakeholders to support the quality and growth of the assurance market.

In addition, the Government has established the cross‑government AI and Future of Work Unit to monitor how advanced AI tools are reshaping professional work, ensure innovation is supported responsibly, and coordinate policy so that workers and businesses can adopt these technologies safely and effectively.

Government is taking significant steps to expand skills and training in ethical and responsible AI. In January, further public and private sector partners joined the AI Skills Boost, increasing our ambition to upskill 10 million workers by 2030. More than 1 million AI upskilling courses have already been delivered since last summer, helping ensure UK workers - including those in financial services - have access to high‑quality training in the safe and ethical use of AI.

To complement this, the Government has established the cross‑government AI and Future of Work Unit to monitor how advanced AI tools are reshaping professional work, ensure innovation is supported responsibly, and coordinate policy so that workers and businesses can adopt these technologies safely.

We have also concluded a Call for Evidence on proposals for the AI Growth Lab, a cross‑economy AI sandbox that would allow responsible AI products and services to be tested under close supervision in live markets, building trust and supporting economic growth. Alongside this, the FCA’s Supercharged Sandbox and AI Live Testing service provide firms with enhanced access to computing, data and safe real‑world testing environments, enabling the responsible use of AI across UK financial markets.

As set out in the AI Opportunities Action Plan and the Modern Industrial Strategy, the Government is committed to treating public sector data as a strategic national asset and unlocking high-impact public datasets for AI use.

The Government recently published an update outlining the significant progress made on the Action Plan with 38 of its 50 commitments delivered against in 12 months.

This update demonstrated that 6 of the 7 data recommendations have been delivered – this includes the publishing of best practice guidance on how to make public sector datasets ready for AI (R09), and details on the delivery of ‘kickstarter’ projects making high-impact datasets available to AI researchers and innovators (R07).

DSIT have also launched an open call to understand the opportunities for public sector data among businesses, researchers and public bodies.

The Online Safety Act places duties on many AI services to make them more responsible for their users’ safety. The Secretary of State tasked officials to review how the Act covers chatbots and has said government will act to fill any gaps in the Act.

The AI Security Institute works closely with AI developers to understand potential risks from AI and develop mitigations. The Institute’s research is making AI models safer, with findings being used by industry to strengthen AI model safeguards.

The AI Security Institute regularly test models across leading labs. While we do not provide a running commentary on which models we test due to commercial and security reasons, it actively works with labs to improve safeguards when vulnerabilities have been identified.

The AI Security Institute regularly test models across leading labs. While we do not provide a running commentary on which models we test due to commercial and security reasons, it actively works with labs to improve safeguards when vulnerabilities have been identified.

Government has not made an estimate of the number of UK-trained scientists who have left the workforce following redundancies in these sectors over the past 15-years. Over that period there have been both redundancies and the start of many new companies.

Life Sciences is a vibrant and growing sector supported by the recently published Life Sciences Sector Plan and over £2 billion of government investment. Skills England estimate that employment could increase by up to 100,000 by 2030 if past growth trends continue.

The Office for Life Sciences is working with Government colleagues and sector stakeholders to ensure access to a domestic pipeline of skilled workers. This includes support for RESILIENCE, the UK Medicines Manufacturing Skills Centre of Excellence.

This government is committed to harnessing the power of compute to enable innovations that will deliver growth and opportunity and for people across the UK.

The AI Research Resource (AIRR) is now live and is free to use for the UK’s scientists, public sector organisations, and start-ups and SMEs. It is made up of two supercomputers: Dawn at Cambridge, and Isambard-AI in Bristol – one of the world’s top 10 public supercomputers and the 4^th greenest in the world. As of last month, more than 350 projects are actively running on the Isambard-AI supercomputer.

The Secretary of State has regular engagement with relevant colleagues on the UK business environment for life sciences sector, to drive the growth of the sector and support the delivery of the Life Sciences Sector Plan.

Suppliers are responsible for creating a network design plan and delivery schedule for their Project Gigabit contracts. Therefore, updates on delivery timescales for specific areas are often provided by suppliers through their own websites and fibre checker tools. Building Digital UK (BDUK) also works with suppliers and local councils to support communications about Project Gigabit contracts throughout their delivery.

Additionally, communities can check if their premises is included in BDUK plans using the following link: September 2025 OMR and premises in BDUK plans (England and Wales) - GOV.UK. Delivery progress can also be found via BDUK’s monthly data reporting, which shows the number of premises passed under each Project Gigabit contract. The latest edition of this data is available here: Premises contracted and built, Project Gigabit contracts - GOV.UK.

Building Digital UK (BDUK) engaged suppliers at the end of 2025 on the potential for further Project Gigabit delivery, and several voucher suppliers expressed interest in delivering more voucher projects in South Devon. BDUK will make premises available to be covered by voucher projects where there is a prospect of viable projects being proposed by suppliers.

The scheme is due to end in March 2028 and therefore projects will need to be approved by August this year. The Government would encourage suppliers to engage directly with BDUK, if they believe there is an opportunity to develop a new project targeted at a specific area.

I refer the hon. Member to the answer given on 25th November 2025 to Question UIN 91769 https://questions-statements.parliament.uk/written-questions/detail/2025-11-17/91769

The Government recognises the importance of ensuring that AI‑related infrastructure, including data centres and associated energy systems, is developed responsibly, with full consideration of environmental impacts and meaningful engagement with local communities.

AI infrastructure will continue to be subject to the UK’s environmental and planning frameworks, which require assessment of impacts such as energy use, water consumption, land use, and local environmental factors, including those which will apply through the Nationally Significant Infrastructure Project route.

All organisations in the UK that provide online and messaging services to their customers have to comply with the requirements of UK’s data protection and privacy framework, as set out in the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA) and the Privacy and Electronic Communications Regulations 2003 (PECR). The UK GDPR and the DPA also apply to online platforms based outside of the UK that are processing UK residents’ data for the purposes of providing goods and services or monitoring behaviour.

As such, the handling of people’s data by online platforms should be lawful, fair, transparent and secure. The data protection legislation gives people the right to be informed about the collection and use of their personal data, as well as rights to request access to their data, object to its processing or seek its erasure.

The Information Commissioner, the UK’s independent regulator for data protection, publishes a range of guidance to help organisations comply with the legislation and has the power to investigate and impose penalties for non-compliance.

The UK has a strong track record of high‑growth AI firms. This Government is taking a comprehensive approach to supporting our thriving AI ecosystem – ensuring that we back innovators with the data, compute, and talent they need to succeed.

Our AI Research Resource is providing free compute to British researchers and startups so that they can train new AI models and deliver scientific breakthroughs. We have established five new AI Growth Zones across the UK to deliver large, cutting-edge datacentre capacity. We are training the next generation of experts through Spärck AI Scholarships and the Global Talent taskforce, and we are upskilling 10 million workers in essential AI skills by 2030. Our Sovereign AI Unit, backed by £500 million, will support high-potential start-ups to start and scale, and our £100 million Advance Market Commitments will help UK AI hardware start‑ups compete globally.

Through Project Gigabit, we are delivering gigabit‑capable broadband to premises that are not included in suppliers’ commercial rollout plans, many of which are in rural areas.

Government is committed to delivering gigabit coverage to 99% of UK premises by 2032 and will continue to consider what it can do to further enable alternatives to fibre connections, for premises located in very hard-to-reach areas.

The market for ultrafast, alternative connections via technologies such as LEO satellite and 5G fixed wireless access is developing at pace. Government continues to monitor and support the development of this market, including encouraging spectrum releases and ground station deployments, and many remote premises are already adopting these services.

Government recognises the need to keep the parameters of the Broadband Universal Service Obligation (USO) under review to support connectivity in rural communities. We have hit the legislated trigger point to review the Broadband USO and are working with Ofcom to commence a review in due course.

The Government recognises the importance of building resilience and strategic advantage in frontier AI. While US companies currently provide most frontier model capabilities, our approach is to ensure the UK can access the best global models while safeguarding national interests.

We are expanding sovereign capability where it matters most by scaling onshore compute, supporting emerging national champions, and strengthening the UK talent pipeline. Our focus is on areas of the AI value chain where there is the greatest opportunity for the UK to advance its strategic position.

I refer the hon. Member to the answer I gave on 30^th January 2026 to question UIN 107897.

• AI is at the heart of the government’s plan to transform how we deliver public services and boost productivity. The AI Opportunities Action Plan outlines how we will improve these services to drive growth across the economy.
• A cross-government pilot of 20,000 civil servants found tools like Microsoft Copilot can save an average of 26 minutes per person per day, while a trial of AI coding saved engineers 56 minutes per day.
• A trial of Ambient Voice Technology in the NHS has shown a 23.5% increase in patient interaction time alongside an 8.2% reduction in appointment length. Early results with AI diagnostics showed a decreased wait time for follow-up CT scans from 6.3 to 5.6 days.
• Local authorities, including those in the East Midlands, benefit from GDS Local who have already engaged with over 300 local government digital practitioners on the opportunities AI brings to improve productivity, alongside the national rollout of tools like Extract, supporting more efficient local service delivery.

The 2024-25 outturn for Capability gross administration costs is broken down as below:

*As one of DSIT’s major projects, Matrix programme costs have been presented separately i.e. deducted from other totals above.

2019-20 outturn for the Capability line as shown within the 2020-21 Annual Report and Account was prepared for the Department for Business, Energy and Industrial Strategy, DSIT’s predecessor department. Since then, multiple Machinery of Government (MoG) changes have taken place, resulting in significant movements of policy responsibilities across government departments, including DSIT, DESNZ, DBT, DCMS and the Cabinet Office.

It should be highlighted that the Matrix programme - representing a material element of 2024-25 expenditure has only come into operation in more recent years. For these reasons, the two financial years are therefore not readily comparable.

The Department for Science, Innovation and Technology will not be publishing this letter. Releasing internal correspondence at this stage would prematurely expose discussions that relate to the ongoing development of the government’s position on a sensitive policy area. The issues involve complex regulatory, scientific, and public safety considerations, and ministerial discussions include exploratory thinking, provisional advice, and options that have not yet been finalised.

The most recent assessment of the scale of legacy systems across the public sector was conducted as part of the State of Digital Government Review, which found that 28% of public sector systems were identified as legacy IT. Individual departments remain responsible for addressing their highest risk systems. While DSIT provides oversight, it does not hold central information on all these plans.

The Secure by Design approach provides delivery and project teams with clear principles and activities to follow to increase the cyber resilience and security of new and emerging systems, services and technology infrastructure. A central DSIT team supports them through a community of champions, nominated by their respective organisation.

Over 700 public sector organisations have now signed up to the vulnerability scanning service, with the service finding and helping fix over 100 critical vulnerabilities a month.