The UK has one of the world’s leading digital economies, designed to exploit the benefits of the internet, but this also makes it vulnerable to attack from hostile countries, criminal gangs and individuals. To counter this threat, and continue to support the UK’s digital government and economy, since 2011 the Cabinet Office (the Department) has managed two, five-year national cyber security strategies. The Department is beginning to make progress in meeting the strategic outcomes of the current, 2016–2021 National Cyber Security Strategy after a poor start. However, a weak evidence base and the lack of a business case for the National Cyber Security Programme that helps to deliver the Strategy make it difficult for the Department to assess whether it will meet all its objectives by 2021. A lack of a business case also means it is unclear whether the money allocated at the start of the Programme was the right amount, making it more difficult to judge value for money. Digital technology and online services are fast-moving areas and constantly evolving, and we are concerned that consumers do not know how safe the websites or internet-enabled products they use are. There is clearly more that the government needs to do to make progress in this area.
Published: 5 June 2019