Source · Select Committees · Public Accounts Committee
Recommendation 23
23
Acknowledged
DWP recognises significant cyber risk given sensitive data and essential public services.
Conclusion
In our May 2025 report on government cyber resilience, we concluded that government had not kept up with the severe and rapidly evolving cyber threat, that there was a longstanding shortage of experienced, technical cyber skills, and that departments had not done enough to prioritise cyber security.35 The Department told us that it had identified cyber risk as one of its most significant risks and it was something that its executive team looked at very closely. It stressed that, given the significance of the customer data it had and the nature of the essential services it provided, cyber attack had to be avoided at all costs.36
Government Response Summary
The Department told us that it had identified cyber risk as one of its most significant risks and it was something that its executive team looked at very closely. It stressed that, given the signif
Government Response
Acknowledged
HM Government
Acknowledged
In our May 2025 report on government cyber resilience, we concluded that government had not kept up with the severe and rapidly evolving cyber threat, that there was a longstanding shortage of experienced, technical cyber skills, and that departments had not done enough to prioritise cyber security.35 The Department told us that it had identified cyber risk as one of its most significant risks and it was something that its executive team looked at very closely. It stressed that, given the signif