Management of cloud cyber security is the chief challenge for UK central government, a cyber firm’s survey suggests. Given the vast amount of sensitive information held, data protection and privacy emerged as the second biggest concern, followed by regulatory compliance, according to Bridewell.
Its study was part of Bridewell’s wider Cyber Security in Critical National Infrastructure (CNI): 2025 report. Managing cloud cyber security was rated the leading challenge for government to contend with, according to 42pc of respondents. This comes amid a push towards cloud adoption across government departments under initiatives such as the Unity programme, moving core ERP, HR, and finance systems online. Meanwhile, over a third (37pc) of respondents expressed worry over data protection.
The average response time for ransomware attacks within the government sector is 11.32 hours which has increased in comparison with the year before, when respondents said it took fewer than six hours to respond to an incident. Another of this year’s findings was that data theft or disclosure incidents had the longest average response time among cyber events, with a response time of 11.38 hours.
When asked about the concern for future events and nation state threats in 2025, most, 82pc of respondents admitted that Russia state-linked actors are the biggest concern. In recent months, an uptick in Russian-linked groups targeting CNI globally has been in the public domain. For example, in February 2025 Microsoft identified a campaign targeting governments and critical infrastructure, carried out by a Russian aligned threat group named Storm-2372. Also identified as state-linked actors were China, Iran and North Korea. Other unpredictable global events, such as a health crisis (73pc), were also a significant concern for some respondents.
As for AI, most (83pc) of the respondents say they are most concerned about AI botnets. This could have been due to a recent warning issued by the UK official National Cyber Security Centre (NCSC) about the Flax Typhoon Group in China using a company to manage a global botnet of 260,000 compromised devices.
Government often outsources the cyber security of OT (operational technology) systems to contend with emerging threats and manage complex networks. In terms of the areas most outsourced, the survey found that over half of respondents have said they fully or partially outsource digital forensics and incident response (52pc) and managed detection response (55pc). About half of respondents within the sector outsource their SOC, vulnerability management and cyber security audits.
The most frequently cited significant threats to OT are AI and machine-learning based, as 31pc of respondents expressed concerns. Some 29pc highlighted remote access as a significant threat, while 26pc identified malware, phishing and ransomware.
Skills and budget
The cyber skills gap is persistent among central government bodies. Nearly a fifth (19pc) of central government organisations spend up to 10pc of their cyber security budgets on in-house IT staff, while 13pc spend up to 10pc on in-house OT personnel. Some 42pc of central government organisations are devoting between 11pc and 20pc of their cyber budgets to managed security services for OT.
Anthony Young, CEO of Bridewell said: “This year’s research shows that the UK government sector urgently needs renewed focus on cybersecurity. With cloud migration, AI threats, and ongoing skills shortages, current defences aren’t enough. Only a third plan to boost spending, yet investment in people, processes, and managed services is critical to strengthening resilience against increasingly complex and persistent threats.”
