Building cyber security in the UK public sector

Healthcare worker standing while working on a computer

The UK public sector provides British citizens with critical services across healthcare, government, and emergency response. As services are transformed by digital technologies, there’s a need to enhance public sector cyber security.

Peter Kyle, the secretary of state for Science, Innovation, and Technology, told The Guardian the UK is “desperately exposed” to cyber threats. According to the UK government’s Chronic Risks Analysis, critical national infrastructure, such as healthcare and government, is among the prime targets for attackers.

Evolving technology and reliance on legacy systems led the government to highlight strengthening cyber resilience as a key priority in the blueprint for modern digital government. Cyber security technology that can help ensure essential public services continue to deliver is ready to be implemented now.

To build the public sector’s resilience, leaders can take inspiration from how other industries use technology to improve cyber security measures. For example, Cisco reports that cyber security teams in industries such as financial services, retail, and technology are deploying AI for threat detection (85%), threat response (71%), and incident recovery (70%). ¹

Let’s unpack how the UK can use technology to enhance public sector cyber security.

The cyber security opportunity in public services

Public sector bodies handle large, sensitive datasets that make them vulnerable to cyber threats. According to NHS England, cyber attacks on London-based NHS trusts and primary care services forced the cancellation of more than 10,000 outpatient appointments after a ransomware threat in June 2024.

The transport sector is also at risk. Transport for London (TfL) reported that a cyber security incident in September 2024 delayed station upgrades and risked disrupted services across London’s underground network.

The government is increasing cyber security investment in response to threats. According to the Department for Science, Innovation, and Technology, spending for cyber security products and services in the UK public sector reached £931 million in 2024, an increase of 20% over 2023.

In healthcare, the Network and Information Systems Regulations 2018 require NHS trusts and other healthcare providers to effectively manage the risk to their systems. These conditions will be strengthened under the Cyber Security and Resilience Bill and operate alongside existing requirements to safeguard patient data.

AI’s role in public sector cyber security

AI is transforming cyber security. According to the National Cyber Security Centre (NCSC), the use of AI by attackers will almost certainly lead to an “increase in frequency and intensity of cyber threats.” At the same time, AI-enabled defence will be key in keeping pace with threats and securing systems.

For example, AI can be used to identify threat activity and solve complex challenges more quickly. According to IBM, the average time it takes for an organisation extensively using AI and automation to detect and contain a data breach is 209 days, compared to 307 days for an organisation that doesn’t use AI and automation.²

One key use case is “finding the signal in the noise” of huge datasets. AI can assess billions of data points and deliver any suspicious instances to a live agent for review. A human agent can then assess the information and decide on the best course of action, making incident response faster and more cost-effective.

When applied in public services, AI can help address threats to critical infrastructure and restore normal operations more quickly, maintaining uptime across transport, healthcare, and other vital services.

Public sector cyber security in action

Outdated terms in UK public sector contracts can stall efficiency and place unnecessary constraints on providers, limiting their opportunities to reduce costs. The government aims to enable more parties to use competitively sourced commercial products while managing security risk. Some organisations have adapted by updating legacy contracts.

ServiceNow supports government efforts to drive commercial cloud adoption across ministerial departments, public sector bodies, and agencies handling government-sanctioned sensitive data.

The ServiceNow AI Platform aligns with the NCSC Cyber Assessment Framework, empowering government departments to confidently adopt new systems and maintain full compliance with security policies. As a result, government organisations in the UK can successfully deploy cloud products and manage risk with fewer constraints.

Find out more about how ServiceNow can help you put AI to work for the public sector.

¹ Cisco, 2025 Cisco Cybersecurity Readiness Index, p. 17
² IBM, Cost of a Data Breach Report 2024