UK Reduces Cyberattack Response Time from 2 Months to Just 8 Days

Post Views: 11

UK Government Reduces Cyber Vulnerability Resolution Times by 84%

The UK government has significantly reduced the time it takes to address critical cyber vulnerabilities across the public sector, cutting resolution times by 84% in some cases. A newly launched vulnerability monitoring service (VMS) is credited with the improvement, which scans internet-facing systems at approximately 6,000 public sector organizations for weaknesses.

Vulnerability Monitoring Service (VMS)

The VMS, introduced as part of the government’s Blueprint for Modern Digital Government, utilizes commercial and proprietary tools to detect around 1,000 types of cyber vulnerabilities. When a vulnerability is identified, the service notifies the affected organization, provides guidance on remediation, and tracks progress until the issue is resolved.

Improved Resolution Times

According to government data, the median time to fix domain-related vulnerabilities has decreased from nearly two months to just eight days. For other types of cyber vulnerabilities, the median resolution time has fallen from 53 days to 32 days. The service processes and resolves approximately 400 confirmed vulnerabilities each month.

“Cyber-attacks can have a tangible impact on public services, causing delays and disruptions that affect citizens and frontline workers.” – Ian Murray, Minister for Digital Government

Enhancing Cybersecurity Capabilities

The UK government is also taking steps to enhance its cybersecurity capabilities through the introduction of a new Cyber Profession initiative. This program aims to strengthen cybersecurity expertise within public services by establishing a Cyber Resourcing Hub to streamline recruitment and creating a career framework aligned with UK Cyber Security Council professional standards.

“The government’s Cyber Action Plan is building stronger cyber defenses across public services.” – Dr. Richard Horne, CEO of the National Cyber Security Centre (NCSC)

Cyber Profession Program

The Cyber Profession program, co-branded with the Department for Science, Innovation and Technology and the NCSC, also includes plans for a government Cyber Academy, a new apprenticeship scheme, and structured career pathways to build capability within government departments.

These initiatives aim to attract and retain top talent with the skills needed to protect the UK from cyber threats. By investing in cybersecurity expertise and leveraging advanced monitoring services, the government hopes to further reduce vulnerability resolution times and enhance the overall security posture of the public sector.