Skip to main content
A Roadmap for Modern Digital Government

Keeping public services safe and resilient through joined-up standards and approaches

The Government Digital Service (GDS) and the Ministry of Housing, Communities and Local Government (MHCLG) are strengthening cyber resilience across government and local authorities by setting standards, increasing accountability and joining up approaches to manage risks.

Our goal

Government has the controls and processes in place to improve our overall resilience and manage the most serious digital and technological risks.

What this means for you

Some projects within this initiative do not cover the whole UK. Whether they apply depends on the service and where it is available. The Devolved Governments decide how it will apply in their area.

  • Clearer standards and accountability: if you’re a public sector worker, you’ll have access to shared expectations and clarity on who is responsible for keeping services secure.
  • Better tools and assessments: government will be able to easily measure how well our systems are protected, helping us quickly find and fix weaknesses before incidents occur.
  • Data protection: your personal data will be better protected, no matter which part of government you’re dealing with.

Our progress so far

October 2024: MHCLG launched the Cyber Assessment Framework for Local Government

MHCLG designed a new framework to support local authorities in England. This allows them to easily measure how well their systems are protected from cyber attacks. By finding and fixing weaknesses, councils can better protect your personal data and keep the local services you rely on, such as paying council tax or accessing social care, running securely.

October 2025: MHCLG launched Local Government Cyber Incident Response Service

This service from MHCLG provides local authorities in England with central emergency support during cyber incidents, helping them respond quickly and minimise impact. This means they can get specialist support to respond quickly, helping to protect your personal data and minimise disruption to the local services you rely on.

January 2026: GDS published the Government Cyber Action Plan

This sets out how the public sector will collectively achieve the ambitions of the Government Cyber Security Strategy (GCSS), by implementing a new interventionist approach. This provides clarity, stronger accountability and shared expectations across the public sector. It also makes it clear who is responsible for keeping services secure, helping to protect the personal information you share with government.

What we’re planning to do next

March 2026: MHCLG launch new local government cyber support programme

MHCLG will launch a new programme to provide local authorities with guidance and support to strengthen their cyber resilience in line with the Cyber Assessment Framework for Local Government. It’ll help keep your personal information safe and ensure services like paying council tax or accessing social care are reliable.

May 2026: GDS test cyber and digital resilience model with departments

GDS will run live exercises and set up central reporting mechanisms across departments. This will give us early insights to confirm that the new model increases accountability and addresses risk. This will help ensure the critical public services you rely on, like applying for a passport or receiving pension payments, are better protected and can get back online quickly if problems occur.

June 2026: GDS create operational cyber foundations

GDS will set up a central accountability and service function to provide essential policy and standards to set stronger direction and take more control over key cyber risks and decisions. This joined-up approach means your personal data will be better protected, no matter which part of government you’re dealing with, and we’ll be able to act quickly to fix widespread security risks.

By the end of 2026: MHCLG launch further support for councils to ‘Defend as One’

New MHCLG support will help local authorities work together to tackle collective cyber threats, sharing knowledge and coordinating actions to adopt a proactive, unified approach to cyber defence. This will help to protect your personal data and keep local services across the country safe from attack.

More information

For more information, read the Cyber Assessment Framework (CAF) for local government.

In this section