SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Worried uk government it professional surrounded by complex servers and cables
#
Data Protection
#
Advanced Persistent Threat Protection
#
AI

UK IT leaders warn cyber defences lack funding & skills

Tue, 26th Aug 2025
Author image
By Jed Nykolle Harme, Editor

Almost half of UK public sector IT leaders believe their cybersecurity tools are not sufficiently protecting sensitive data, according to new research from SolarWinds.

The survey of 100 public sector IT decision-makers identified system complexity and budget constraints as the main factors contributing to cybersecurity weaknesses in government, health, and education organisations.

Complex environments

The study found that 58% of respondents describe their IT environments as either "extremely" or "very" complex. This figure rises to 70% among IT leaders working in the health and education sectors, compared to 45% in regional and central government.

The high levels of complexity are perceived as making it more difficult to identify and respond to cyberthreats effectively, increasing the risk of vulnerabilities within public sector infrastructure.

Budget constraints

Nearly a quarter (23%) of those surveyed cited financial limitations as the foremost barrier to strengthening cybersecurity. Respondents reported that constrained budgets prevent them from upgrading ageing systems and investing in staff training, further limiting their ability to respond to current and emerging cyber risks.

Richard Giblin, Head of Public Sector and Defence at SolarWinds, commented on these findings:

"These findings reflect a public sector under mounting pressure to address rising cyberthreats while navigating regulatory and fiscal constraints. Despite the clear need to modernise, complexity, cost and trust remain substantial barriers."

Human factors

Human error also remains a significant concern. The majority of respondents (56%) identified careless or untrained insiders as the most significant security threat. This highlights a perceived need within the public sector to invest in robust cyber awareness and training initiatives for employees at all levels of organisations.

Technology trends

Despite the challenges, the research reveals a growing interest in advanced technologies to strengthen cyber defences. More than half (53%) of respondents said they plan to prioritise observability - the ability to monitor and understand IT systems in real-time - over the coming years. Many also recognise the potential of artificial intelligence (AI) solutions for supporting monitoring and predictive threat detection.

These technologies are seen as useful in expediting incident response and improving organisations' resilience to evolving cyberthreats, though their successful adoption depends on wider organisational change.

Giblin explained:

"To make meaningful progress, public sector organisations must align across departments and integrate technologies such as observability and AI with well-defined governance, comprehensive training and a shared commitment to security at all levels. Technology alone is insufficient – it must be part of a broader, strategic approach to cyber-resilience."

Sector breakdown

The research differentiates between segments within the public sector. Health and education emerged as facing the greatest IT complexity, with 70% reporting high complexity, a figure significantly higher than the 45% in regional and central government. This disparity is likely to affect the ability of these sectors to upgrade their systems and implement cybersecurity improvements.

Government bodies were also found to be grappling with persistent budget limitations, further raising concerns about their ability to modernise IT infrastructure and maintain cyber defences in a changing digital landscape.

Focus on collaboration

The findings suggest the importance of coordinated action across departments and agencies to address gaps in cyber resilience. While technology solutions like observability and AI have potential, their benefits depend on a wider commitment to governance, skilled personnel, and sustained investment in training and system upgrades.

The survey was conducted online in December 2024 among 100 UK and 200 US IT decision-makers and influencers across federal, state, local, and education sectors. It explored confidence and concerns related to IT management, barriers to digital modernisation, and the use of AI within organisations.

Related stories
Hubtel IT hires for AI push & GBP £2.5m growth plan
UK online shopping scams soar 416% amid ad fraud surge
LinkedIn DMs abused to spread Python-based malware
UK ambulance data breaches surge past 4,000 in three years
Sophos unveils browser-led suite to govern AI & SaaS

Top stories

Deutsche Telekom boosts API security with Akamai deal
Identity compromise drives cyber risk as AI agents surge
Vincent Lomba joins ENISA group on EU cyber policy
Climb extends Delinea identity security reach in Europe
New Zero Trust framework secures Private 5G & Wi-Fi