Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, whether her Department plans to be able to meet its target for the Government to be cyber resilient by the end of 2025.

Our approach to tackling Government cyber risk is driven by the 2022 Government Cyber Security Strategy which sets a clear target for critical functions to be hardened to cyber attack by 2025.

We have made important steps in understanding and mitigating risk; GovAssure has dramatically improved our understanding of cyber resilience levels across government and the systemic issues preventing departments from achieving targets. The Government Cyber Coordination Centre enables us to respond as one government to cyber incidents, threats and vulnerabilities.

However, the threat picture is the most sophisticated it has ever been and the UK's resilience picture is poorer than previously estimated. In January 2025, the NAO report into Government cyber resilience confirmed that Government since 2022 has not improved its cyber resilience quickly enough to meet its 2025 target. We welcome the report and are taking immediate action to address the recommendations.

We are accelerating our response through the launch of a more interventionist approach, which will address the long-standing shortage of cyber skills, strengthen accountability for cyber risks, provide greater support for delivery in the form of cyber services, guidance, and hands-on technical support and bolster our response capabilities to fast-moving cyber incidents.