[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4hz1yLLRdFnmT207wwL4tvsBV2n_2kfak8BNoFc-J7g":3,"page-\u002Fuk\u002Fen\u002Fgovernment-cyber-action-plan":85,"$fBP3ggdKCJednmsoREfENIZTFy0lKxFd7hEDQFr-feSM":458,"$fDh3cwgtoutvKR5CCE2XRXsY2aAqyi5_cBVUpcKbJovU":495},{"talan_aa_testing_tech_americas":4,"talan_aa_testing_tech_uk":32,"talan_localhost_france":50,"talan_localhost_global":68},{"name":5,"domain_suffix":6,"languages":7,"countries":10,"menus":13,"search_page":16,"career_hub_page":19,"content_hub_page":26},"Americas","americas",{"en":8,"fr":9},"en","fr",[11,12],"us","ca",{"footer":14,"main":15},"dm14049411-footer","dm14049411-main",{"en":17,"fr":18},"\u002Fen\u002Fsearch","\u002Ffr\u002Frechercher",{"en":20,"fr":23},{"url":21,"title":22},"\u002Famericas\u002Fen\u002Fjoin-us\u002Four-job-offers","Our job offers",{"url":24,"title":25},"\u002Famericas\u002Ffr\u002Fnous-rejoindre\u002Fnos-offres-demploi","Nos offres d'emploi",{"en":27,"fr":30},{"url":28,"title":29},"\u002Fen\u002Fpositive-innovation","Positive Innovation",{"url":31,"title":29},"\u002Ffr\u002Fpositive-innovation",{"front_page":33,"name":34,"domain_suffix":35,"languages":36,"countries":37,"menus":39,"search_page":42,"career_hub_page":43,"content_hub_page":46,"domain":49},"\u002Fnode\u002F897","UK","uk",{"en":8},[38],"gb",{"footer":40,"main":41},"dm3910373-footer","dm3910373-main",{"en":17,"fr":18},{"en":44},{"url":45,"title":22},"\u002Fuk\u002Fen\u002Four-job-offers",{"en":47,"fr":48},{"url":28,"title":29},{"url":31,"title":29},"talan_aa_testing_tech_uk",{"front_page":51,"name":52,"domain_suffix":53,"languages":54,"countries":55,"menus":56,"search_page":59,"career_hub_page":60,"content_hub_page":65},"\u002Fnode\u002F686","France","france",{"fr":9},[9],{"footer":57,"main":58},"dm945515-footer","dm945515-main",{"en":17,"fr":18},{"en":61,"fr":63},{"url":62,"title":22},"\u002Ffrance\u002Fen\u002Fjoin-us\u002Four-job-offers",{"url":64,"title":25},"\u002Ffrance\u002Ffr\u002Fnous-rejoindre\u002Fnos-offres-demploi",{"en":66,"fr":67},{"url":28,"title":29},{"url":31,"title":29},{"name":69,"domain_suffix":70,"languages":71,"countries":72,"menus":73,"search_page":76,"career_hub_page":77,"content_hub_page":82},"Global","global",{"en":8,"fr":9},null,{"footer":74,"main":75},"dm1532175-footer","dm1532175-main",{"en":17,"fr":18},{"en":78,"fr":80},{"url":79,"title":22},"\u002Fglobal\u002Fen\u002Fjoin-us\u002Four-job-offers",{"url":81,"title":25},"\u002Fglobal\u002Ffr\u002Fnous-rejoindre\u002Fnos-offres-demploi",{"en":83,"fr":84},{"url":28,"title":29},{"url":31,"title":29},{"title":86,"breadcrumbs":87,"metatags":99,"content_format":117,"content":118,"page_layout":411,"contact_link":412,"blocks":417,"current_user":451,"local_tasks":456,"messages":457},"Government Cyber Action Plan | Talan - Site groupe",[88,92,96],{"frontpage":89,"url":90,"label":91},true,"\u002Fuk\u002Fen","Home",{"frontpage":93,"url":94,"label":95},false,"\u002Fuk\u002Fen\u002Finsights","Insights",{"frontpage":93,"url":97,"label":98},"","Government Cyber Action Plan",{"meta":100,"link":108},[101,103,106],{"name":102,"content":86},"title",{"name":104,"content":105},"robots","index, follow",{"property":107,"content":97},"og:image",[109,112,115],{"rel":110,"href":111},"canonical","https:\u002F\u002Fwww.talan.com\u002Fuk\u002Fen\u002Fgovernment-cyber-action-plan",{"rel":113,"hreflang":114,"href":111},"alternate","en-GB",{"rel":113,"hreflang":116,"href":111},"x-default","json",{"element":119,"created":120,"experts":121,"headerBody":142,"image":143,"linkedMajorExpertises":156,"publishedDate":170,"title":98,"type":171,"uid":172,"nid":173,"href":174,"lang":8,"domain":35,"headerCtaMain":175,"headerCtaSecond":180,"libraryOfAnchorBlocs":183,"libraryOfBloc":199,"sources":405},"node-insight","1767777210",[122],{"element":123,"name":124,"picture":125,"position":138,"tid":139,"type":140,"href":141},"taxonomy-term-expert","Ian HIRST",{"element":126,"mediaImage":127,"title":136,"type":137},"media-image-responsive-narrow",{"element":128,"content":129},"field-image",{"srcset":130,"sizes":131,"url":133,"alt":134,"width":135,"height":135},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_325x325\u002Fpublic\u002F2025-01\u002FIan-HIRST.jpg.webp?itok=-PrxIod7 325w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_650x650\u002Fpublic\u002F2025-01\u002FIan-HIRST.jpg.webp?itok=NNHwcu6l 512w",{"325":132,"512":133},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_325x325\u002Fpublic\u002F2025-01\u002FIan-HIRST.jpg.webp?itok=-PrxIod7","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_650x650\u002Fpublic\u002F2025-01\u002FIan-HIRST.jpg.webp?itok=NNHwcu6l","Ian Hirst","325","Image of Ian Hirst","image","Cyber Threat Services Partner","1114","expert","\u002Fuk\u002Fen\u002Fian-hirst","Critical analysis summary ",{"element":144,"mediaImage":145,"title":155,"type":137},"media-image-responsive-half-banner",{"element":128,"content":146},{"srcset":147,"sizes":148,"url":151,"alt":152,"width":153,"height":154},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2026-01\u002FSecurity-Privacy-Protection-Cyber-Warning-Laptop.jpg.webp?itok=9NrDRRu2 400w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2026-01\u002FSecurity-Privacy-Protection-Cyber-Warning-Laptop.jpg.webp?itok=P_uq-Ddi 700w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2026-01\u002FSecurity-Privacy-Protection-Cyber-Warning-Laptop.jpg.webp?itok=foxrv9EP 1200w",{"400":149,"700":150,"1200":151},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2026-01\u002FSecurity-Privacy-Protection-Cyber-Warning-Laptop.jpg.webp?itok=9NrDRRu2","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2026-01\u002FSecurity-Privacy-Protection-Cyber-Warning-Laptop.jpg.webp?itok=P_uq-Ddi","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2026-01\u002FSecurity-Privacy-Protection-Cyber-Warning-Laptop.jpg.webp?itok=foxrv9EP","security privacy protection anti virus encryption hacker system datum interface ai accuracy information error cyber warning enhance resilience enabling reliable digital operation","1300","868","Image of a security privacy protection anti virus encryption interface, showing cyber warning",[157,162,166],{"element":158,"id":159,"name":160,"href":161},"taxonomy-term-expertise-category","1266","Cybersecurity","\u002Fuk\u002Fen\u002Fall-our-insights?expertise=1266",{"element":158,"id":163,"name":164,"href":165},"1270","Data","\u002Fuk\u002Fen\u002Fall-our-insights?expertise=1270",{"element":158,"id":167,"name":168,"href":169},"1278","Artificial Intelligence & Generative AI","\u002Fuk\u002Fen\u002Fall-our-insights?expertise=1278","2026-01-07T09:14:37","insight","31","2325","\u002Fuk\u002Fen\u002Fgovernment-cyber-action-plan",{"element":176,"text-200":177,"title-255":178,"type":179},"pg-anchor","contact","Contact Us","anchor",{"element":176,"text-200":181,"title-255":182,"type":179},"capabilities","Linked Capabilities",[184,187,190,193,196],{"element":176,"text-200":185,"title-255":186,"type":179},"plan","The Action Plan",{"element":176,"text-200":188,"title-255":189,"type":179},"changes","Key Changes",{"element":176,"text-200":191,"title-255":192,"type":179},"heart","Heart of the Plan",{"element":176,"text-200":194,"title-255":195,"type":179},"view","Our View",{"element":176,"text-200":197,"title-255":198,"type":179},"now","Where we can Help",[200,206,209,229,284,321,366,377,381,384,394],{"element":201,"hideSeparator":202,"type":203,"wysiwyg":204},"pg-wysiwyg","1","wysiwyg",[205],"\u003Ch3>The Government Cyber Action Plan, published 6 January 2026, is designed to fulfil the objective outlined in the Digital and AI Roadmap: ensuring that public services are secure, trustworthy, and resilient. \u003C\u002Fh3>\u003Cp>It acknowledges that the ambition in the 2022 Government Cyber Security Strategy (GCSS), for all government departments to be resilient to known vulnerabilities and attack methods by \u003Cstrong>2030\u003C\u002Fstrong>, is \u003Cstrong>not achievable on the original timeline\u003C\u002Fstrong>. It therefore proposes a \u003Cstrong>more centralised, measurable, and directive model\u003C\u002Fstrong> led by Department for Science, Innovation and Technology (DSIT). \u003C\u002Fp>\u003Cp>What is most significant (and different) is not simply “more cyber activity”; it is the \u003Cstrong>shift in operating model\u003C\u002Fstrong>: \u003C\u002Fp>\u003Cul>\u003Cli>\u003Cstrong>Cyber risk will be treated as a system-wide governance problem\u003C\u002Fstrong>, rather than an isolated department issue. This will be supported by a named government-wide risk owner, a new Government Technology Risk Group, and clearer escalation and mandated routes.\u003C\u002Fli>\u003Cli>\u003Cstrong>Data, metrics, and assurance \u003C\u002Fstrong>are prioritised, building on \u003Cstrong>GovAssure \u003C\u002Fstrong>and outcomes-based measurement (including use of Cyber Assessment Frameworks) with implementation milestones.\u003C\u002Fli>\u003Cli>The plan is overt about the drivers of risk, including\u003Cstrong> legacy technology\u003C\u002Fstrong>, control maturity gaps (asset management, protective monitoring, response planning), and\u003Cstrong> common dependencies\u002Fsuppliers\u003C\u002Fstrong>. It positions shared services and coordinated response as key countermeasures. \u003C\u002Fli>\u003C\u002Ful>\u003Cp>From an industry perspective, the plan signals \u003Cstrong>tighter expectations\u003C\u002Fstrong> for suppliers and “defend as one” collaboration. There is also an increased focus on \u003Cstrong>secure-by-design principles, shared detection content\u003C\u002Fstrong>, and coordinated responses. \u003C\u002Fp>\u003Cp>The main execution risks are predictable but material: \u003Cstrong>data quality and reporting burden\u003C\u002Fstrong>, the reality of \u003Cstrong>skills shortages\u003C\u002Fstrong>, and whether funding and delivery capacity are sufficient to reduce risk faster than threat and dependency complexity increases. The plan attempts to address capability constraints through a new \u003Cstrong>Government Cyber Profession\u003C\u002Fstrong> and centralised support\u002Fservices, but delivery discipline will be decisive.\u003C\u002Fp>",{"element":201,"hideSeparator":202,"type":203,"anchor":185,"wysiwyg":207},[208],"\u003Ch3>What is the UK Government Cyber Action Plan? \u003C\u002Fh3>\u003Cp>The \u003Cstrong>Government Cyber Action Plan\u003C\u002Fstrong> sets out a practical programme to strengthen the cyber security and digital resilience of public services, so citizens can rely on them for healthcare, benefits, tax, identity checks, and more. The headline is ambition; the substance is operational: this is a plan to\u003Cstrong> measure risk, prioritise investment, raise accountability, and coordinate delivery at scale \u003C\u002Fstrong>across government and the wider public sector. \u003C\u002Fp>\u003Cp>This matters beyond Whitehall. If you supply government, regulate public services, operate critical national infrastructure, or lead cyber security in any organisation that depends on public-sector platforms and data flows, the plan signals a clear direction of travel: more measurable expectations, \u003Cstrong>more assurance, more coordinated response, and stronger supply-chain governance\u003C\u002Fstrong>.\u003C\u002Fp>\u003Ch5>Why Government felt it needed a new plan \u003C\u002Fh5>\u003Cp>The Action Plan is candid about the context. It links the push for digitised public services to the need for trust: as services move online, the “surface area” for cyber risk and operational failure grows. It also treats resilience failures broadly, covering malicious attacks and non-malicious outages, because both can remove access to critical services. The plan points to recent disruptions as evidence of impact. For example, it references the \u003Cstrong>Synnovis incident \u003C\u002Fstrong>affecting blood testing and surgeries, ransomware impacts on local authorities, the \u003Cstrong>British Library ransomware attack\u003C\u002Fstrong>, and the \u003Cstrong>2024 CrowdStrike outage\u003C\u002Fstrong>, noting how a single supplier dependency can cause widespread disruption.\u003C\u002Fp>\u003Cp>Most importantly, the government’s own assurance picture is uncomfortable. The plan states that \u003Cstrong>GovAssure\u003C\u002Fstrong> results showed “significant gaps” across departments, including low maturity in foundational controls such as \u003Cstrong>asset management, protective monitoring, and response planning\u003C\u002Fstrong>, and estimates that \u003Cstrong>28%\u003C\u002Fstrong> of the technology estate is legacy technology and therefore highly vulnerable. \u003C\u002Fp>\u003Ch5>The “radical shift”: from aspiration to a more centralised operating model \u003C\u002Fh5>\u003Cp>A key line in the Action Plan is that the target in the 2022 Government Cyber Security Strategy, for government organisations to be resilient to known vulnerabilities and attack methods by \u003Cstrong>2030\u003C\u002Fstrong>, is \u003Cstrong>not achievable\u003C\u002Fstrong> on the original timeline. The plan argues that a “radical shift” is needed, drawing on lessons from international and industry partners that \u003Cstrong>strong central direction and active leadership\u003C\u002Fstrong> can make a national-level impact. \u003C\u002Fp>\u003Cp>In practical terms, that means a stronger centre, delivered through a new\u002Fexpanded \u003Cstrong>Government Cyber Unit\u003C\u002Fstrong> within DSIT, led by the Government CISO, and including the \u003Cstrong>Government Cyber Coordination Centre (GC3)\u003C\u002Fstrong> (jointly sponsored with NCSC) to coordinate operational response to threats, vulnerabilities, and incidents.\u003C\u002Fp>",{"element":210,"imagePosition":211,"title-255":212,"type":213,"anchor":188,"expandsItems":214},"pg-expands","left","What are the key parts of the Cyber Action Plan? ","expands",[215,221,225],{"element":216,"title-60":217,"type":218,"wysiwyg":219},"pg-expands-item","Grouping strategic objectives","expands_item",[220],"\u003Cp>The Action Plan groups its intent into four strategic objectives:\u003C\u002Fp>\u003Col>\u003Cli>\u003Cstrong>Better visibility of cyber and resilience risk \u003C\u002Fstrong>(measure what matters, use data to understand systemic and departmental risks)\u003C\u002Fli>\u003Cli>\u003Cstrong>Addressing severe and complex risks\u003C\u002Fstrong> (invest centrally where individual organisations cannot remediate alone)\u003C\u002Fli>\u003Cli>\u003Cstrong>Improving responsiveness to fast-moving events\u003C\u002Fstrong> (better capability to manage evolving threats, vulnerabilities, and incidents)\u003C\u002Fli>\u003Cli>\u003Cstrong>Rapidly increasing government-wide cyber resilience \u003C\u002Fstrong>(shared services\u002Fsupport; focus on major vulnerabilities such as legacy tech; embed continuous improvement) \u003C\u002Fli>\u003C\u002Fol>",{"element":216,"title-60":222,"type":218,"wysiwyg":223},"Achieving the objectives",[224],"\u003Cp>To achieve those objectives, government organises delivery into five strands:\u003C\u002Fp>\u003Cul>\u003Cli>\u003Cstrong>Accountability \u003C\u002Fstrong>(clear ownership and consequences)\u003C\u002Fli>\u003Cli>\u003Cstrong>Support \u003C\u002Fstrong>(practical help and prioritised intervention)\u003C\u002Fli>\u003Cli>\u003Cstrong>Services \u003C\u002Fstrong>(scaled services that reduce risk across many organisations at once)\u003C\u002Fli>\u003Cli>\u003Cstrong>Response and recovery\u003C\u002Fstrong> (coordination, readiness, mutual aid, and recovery discipline)\u003C\u002Fli>\u003Cli>\u003Cstrong>Skills \u003C\u002Fstrong>(a new Government Cyber Profession and wider learning pathways)\u003C\u002Fli>\u003C\u002Ful>",{"element":216,"title-60":226,"type":218,"wysiwyg":227},"Splitting into phases",[228],"\u003Cp>The plan is explicitly split into three phases:\u003C\u002Fp>\u003Cul>\u003Cli>\u003Cstrong>Phase 1 – Building (by April 2027)\u003C\u002Fstrong>: stand up the model, core functions, refreshed governance, priority services\u002Fsupport, clear standards\u002Ftargets, launch the cyber profession, and define structures in a Government Cyber Incident Response Plan.\u003C\u002Fli>\u003Cli>\u003Cstrong>Phase 2 – Scaling (by April 2029): \u003C\u002Fstrong>use government-wide visibility to make investment cases for severe risks; deliver a pipeline of services\u002Fsupport; mature concurrent-incident capability; and have departments operating fully within governance for themselves, Arm’s Length Bodies (ALBs), and sectors.\u003C\u002Fli>\u003Cli>\u003Cstrong>Phase 3 – Improving (April 2029+):\u003C\u002Fstrong> continuous improvement using shared insights, sustainable service pipelines, stronger supplier assurance, and profession-led transformation.\u003C\u002Fli>\u003C\u002Ful>",{"element":230,"title":231,"type":232,"tabs":233},"pg-tabs","What are the changes for public sector leaders?","tabs",[234,253,269],{"element":235,"imagePosition":236,"mediaImage":237,"tabLabel":248,"title":249,"type":250,"wysiwyg":251},"pg-tab","right",{"element":144,"mediaImage":238,"title":247,"type":137},{"element":128,"content":239},{"srcset":240,"sizes":241,"url":244,"alt":245,"width":153,"height":246},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2025-10\u002FCheckbox-quality-document-checklist.jpg.webp?itok=rMhHhuQk 400w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2025-10\u002FCheckbox-quality-document-checklist.jpg.webp?itok=r9Kgc6_6 700w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2025-10\u002FCheckbox-quality-document-checklist.jpg.webp?itok=jRDS2YyX 1200w",{"400":242,"700":243,"1200":244},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2025-10\u002FCheckbox-quality-document-checklist.jpg.webp?itok=rMhHhuQk","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2025-10\u002FCheckbox-quality-document-checklist.jpg.webp?itok=r9Kgc6_6","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2025-10\u002FCheckbox-quality-document-checklist.jpg.webp?itok=jRDS2YyX","Quality Tick signs checkbox","722","Image of a businessman using pen to tick correct sign mark in checkbox for quality document control checklist","Accountability","Accountability becomes sharper, and explicitly board-level","tab",[252],"\u003Cp>A major feature is the strengthening of “who owns the risk.” The plan states that the \u003Cstrong>Accounting Officer\u003C\u002Fstrong> (Permanent Secretary or CEO) has \u003Cstrong>overall accountability\u003C\u002Fstrong> for organisational cyber risk, extending, for lead government departments, to ALBs and parts of the wider public sector under their economic responsibility, and to appropriate assurance of suppliers. \u003C\u002Fp>\u003Cp>It also defines practical expectations: appointing an informed board member with cyber expertise; appointing senior leaders for cyber security (CISO) and digital\u002Ftechnology (CDIO); and ensuring routine reporting from CISO\u002FCDIO to the board on the state of risk across the department, ALBs, public sector remit, and supply chain. \u003C\u002Fp>",{"element":235,"imagePosition":236,"mediaImage":254,"tabLabel":265,"title":266,"type":250,"wysiwyg":267},{"element":144,"mediaImage":255,"title":264,"type":137},{"element":128,"content":256},{"srcset":257,"sizes":258,"url":261,"alt":262,"width":153,"height":263},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2026-01\u002FCybersecurity-technology-protection-concept.jpg.webp?itok=UjoTF60A 400w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2026-01\u002FCybersecurity-technology-protection-concept.jpg.webp?itok=GP2slgD6 700w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2026-01\u002FCybersecurity-technology-protection-concept.jpg.webp?itok=Hu0Y-WLW 1200w",{"400":259,"700":260,"1200":261},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2026-01\u002FCybersecurity-technology-protection-concept.jpg.webp?itok=UjoTF60A","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2026-01\u002FCybersecurity-technology-protection-concept.jpg.webp?itok=GP2slgD6","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2026-01\u002FCybersecurity-technology-protection-concept.jpg.webp?itok=Hu0Y-WLW","Set up cybersecurity technology protection concept. ","867","Image of three padlocks depicting cybersecurity technology protection","Risk","Risk split into “gov-wide” and “local” categories with clearer escalation route",[268],"\u003Cp>The Action Plan distinguishes between: \u003C\u002Fp>\u003Cul>\u003Cli>\u003Cstrong>Government-wide risks \u003C\u002Fstrong>(central risks) that are too severe\u002Fcomplex for a single organisation. Examples include nation-state targeting, common vulnerabilities exploitable at scale, common dependencies (platforms\u002Fmajor suppliers), and risks from widespread adoption of novel technologies such as generative AI.\u003C\u002Fli>\u003Cli>\u003Cstrong>Organisational risks \u003C\u002Fstrong>(local risks) that primarily affect one organisation. Examples include insider threat, data breaches, and misconfigurations.\u003C\u002Fli>\u003C\u002Ful>\u003Cp>Government-wide cyber risk is owned by DSIT, managed by the Cyber Unit, and governed via the Technology Risk Group for escalation. \u003C\u002Fp>\u003Cp>CISOs should expect standardised risk appetite, reporting, and more scrutiny of cross-cutting risks across organisations and suppliers.\u003C\u002Fp>",{"element":235,"imagePosition":236,"mediaImage":270,"tabLabel":280,"title":281,"type":250,"wysiwyg":282},{"element":144,"mediaImage":271,"title":279,"type":137},{"element":128,"content":272},{"srcset":273,"sizes":274,"url":277,"alt":278,"width":153,"height":263},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2026-01\u002FProtecting-Networks-Mobile-Phone.jpg.webp?itok=H7PMvtQr 400w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2026-01\u002FProtecting-Networks-Mobile-Phone.jpg.webp?itok=j7hJQu7z 700w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2026-01\u002FProtecting-Networks-Mobile-Phone.jpg.webp?itok=Oprfpr3e 1200w",{"400":275,"700":276,"1200":277},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2026-01\u002FProtecting-Networks-Mobile-Phone.jpg.webp?itok=H7PMvtQr","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2026-01\u002FProtecting-Networks-Mobile-Phone.jpg.webp?itok=j7hJQu7z","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2026-01\u002FProtecting-Networks-Mobile-Phone.jpg.webp?itok=Oprfpr3e","Zero trust protects data on each network through authentication and ensures remote access security for all devices","Image of man holding a mobile phone depicting how data is protected each network through authentication and ensures remote access security for all devices","Assurance","Assurance and “CAF profiles” are positioned as the common language",[283],"\u003Cp>The plan explicitly references use of \u003Cstrong>Cyber Assessment Framework (CAF) outcomes \u003C\u002Fstrong>and “appropriate CAF profiles” for reporting and assurance across ALBs and wider public sector sectors. \u003C\u002Fp>\u003Cp>In plain terms: government is aiming for a world where cyber maturity and resilience are described and compared in a more consistent way, reducing ambiguity and enabling prioritisation.\u003C\u002Fp>",{"element":230,"title":285,"type":232,"tabs":286},"What it means for industry and suppliers",[287,303,312],{"element":235,"imagePosition":211,"mediaImage":288,"tabLabel":299,"title":300,"type":250,"wysiwyg":301},{"element":144,"mediaImage":289,"title":298,"type":137},{"element":128,"content":290},{"srcset":291,"sizes":292,"url":295,"alt":296,"width":153,"height":297},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2025-09\u002FColleagues-Laptop-Data-Centre.jpg.webp?itok=EfdZ5HHd 400w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2025-09\u002FColleagues-Laptop-Data-Centre.jpg.webp?itok=chdImY4U 700w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2025-09\u002FColleagues-Laptop-Data-Centre.jpg.webp?itok=goLhhWl5 1200w",{"400":293,"700":294,"1200":295},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2025-09\u002FColleagues-Laptop-Data-Centre.jpg.webp?itok=EfdZ5HHd","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2025-09\u002FColleagues-Laptop-Data-Centre.jpg.webp?itok=chdImY4U","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2025-09\u002FColleagues-Laptop-Data-Centre.jpg.webp?itok=goLhhWl5","Two colleagues laptop cyber data centre server racks","731","Image of two colleagues using a laptop in a data centre next to server racks","Expectations","Expect a more joined-up customer, and more explicit expectations.",[302],"\u003Cp>The plan recognises that suppliers “hold some cyber risk” by virtue of delivering services to government. It sets out an intent to define clearer expectations for how suppliers should engage with government customers on cyber security and resilience. \u003C\u002Fp>\u003Cp>Government also distinguishes\u003Cstrong> strategic suppliers\u003C\u002Fstrong>, where they intend to take a more “joined-up” approach, stating that the Government Cyber Unit will establish formal strategic partnerships with cyber and resilience requirements built in and will hold strategic suppliers to account for government-wide risk they hold.\u003C\u002Fp>",{"element":235,"imagePosition":211,"mediaImage":304,"tabLabel":308,"title":309,"type":250,"wysiwyg":310},{"element":144,"mediaImage":305,"title":298,"type":137},{"element":128,"content":306},{"srcset":291,"sizes":307,"url":295,"alt":296,"width":153,"height":297},{"400":293,"700":294,"1200":295},"Secure-by-Design","Secure-by-Design and spend controls drive early proof of resilience.",[311],"\u003Cp>The plan targets 100% adherence to a government \u003Cstrong>Secure-by-Design \u003C\u002Fstrong>approach and includes the intent that organisations with government Critical National Infrastructure undergo regular assurance checks through Secure-by-Design integration in Digital and Technology Spend Controls. \u003C\u002Fp>\u003Cp>For suppliers, this often translates into earlier and firmer questions at bid and delivery stages: architecture, identity and access, vulnerability management, monitoring, incident response readiness, and resilience-by-design, not as optional add-ons, but as conditions of delivery.\u003C\u002Fp>",{"element":235,"imagePosition":211,"mediaImage":313,"tabLabel":317,"title":318,"type":250,"wysiwyg":319},{"element":144,"mediaImage":314,"title":298,"type":137},{"element":128,"content":315},{"srcset":291,"sizes":316,"url":295,"alt":296,"width":153,"height":297},{"400":293,"700":294,"1200":295},"Resilience","An accompanying signal: software supply chain focus",[320],"\u003Cp>Alongside the plan, the government’s announcement highlights a \u003Cstrong>£210m \u003C\u002Fstrong>package and a new \u003Cstrong>Software Security Ambassador Scheme \u003C\u002Fstrong>to promote adoption of a Software Security Code of Practice. While that scheme is described in the accompanying announcement rather than the Action Plan itself, it reinforces the same theme: \u003Cstrong>supply chain resilience is now a first-order concern\u003C\u002Fstrong>.\u003C\u002Fp>",{"element":230,"title":322,"type":232,"anchor":191,"tabs":323},"The Operational Heart of the Plan",[324,339,348,357],{"element":235,"imagePosition":236,"mediaImage":325,"tabLabel":335,"title":336,"type":250,"wysiwyg":337},{"element":144,"mediaImage":326,"title":333,"type":137},{"element":128,"content":327},{"srcset":328,"sizes":329,"url":332,"alt":333,"width":153,"height":334},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2025-04\u002FVisual%20_Post-it_.jpg.webp?itok=M8Re0toX 400w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2025-04\u002FVisual%20_Post-it_.jpg.webp?itok=CRj-R8Wg 700w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2025-04\u002FVisual%20_Post-it_.jpg.webp?itok=C2F8wntX 1200w",{"400":330,"700":331,"1200":332},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_400\u002Fpublic\u002F2025-04\u002FVisual%20_Post-it_.jpg.webp?itok=M8Re0toX","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner_700\u002Fpublic\u002F2025-04\u002FVisual%20_Post-it_.jpg.webp?itok=CRj-R8Wg","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fhalf_banner\u002Fpublic\u002F2025-04\u002FVisual%20_Post-it_.jpg.webp?itok=C2F8wntX","Colleagues collaborating on visual board","856","Coherent Approach","Services at scale",[338],"\u003Cp>The plan notes that services such as NCSC’s\u003Cstrong> Protective Domain Name Service (PDNS)\u003C\u002Fstrong> and the Government Cyber Unit’s \u003Cstrong>Vulnerability Monitoring Service\u003C\u002Fstrong> show that risks can be addressed at scale, but barriers prevent sufficient adoption, particularly in less mature organisations. \u003C\u002Fp>\u003Cp>It proposes a more coherent approach to developing and “productising” cyber services, including improved access via a \u003Cstrong>service finder\u003C\u002Fstrong> and service coordination, and a DSIT–NCSC strategic partnership framework for service collaboration. \u003C\u002Fp>",{"element":235,"imagePosition":236,"mediaImage":340,"tabLabel":344,"title":345,"type":250,"wysiwyg":346},{"element":144,"mediaImage":341,"title":333,"type":137},{"element":128,"content":342},{"srcset":328,"sizes":343,"url":332,"alt":333,"width":153,"height":334},{"400":330,"700":331,"1200":332},"Shared Learning","Detection and exercising standard content, shared learning",[347],"\u003Cp>The Action Plan describes building a central library of intelligence-driven detection content that departments can consume for common platforms (“Detection for Government”), and an exercising capability through centrally developed methodologies and scenarios. \u003C\u002Fp>",{"element":235,"imagePosition":236,"mediaImage":349,"tabLabel":353,"title":354,"type":250,"wysiwyg":355},{"element":144,"mediaImage":350,"title":333,"type":137},{"element":128,"content":351},{"srcset":328,"sizes":352,"url":332,"alt":333,"width":153,"height":334},{"400":330,"700":331,"1200":332},"Response Model","Response and recovery",[356],"\u003Cp>Government’s response model emphasises subsidiarity (decisions at the lowest appropriate level) but with stronger central coordination when incidents exceed local capability. It also proposes centrally managed access to NCSC-accredited incident response providers “of last resort,” and the definition of response structures through a Government Cyber Incident Response Plan.\u003C\u002Fp>",{"element":235,"imagePosition":236,"mediaImage":358,"tabLabel":362,"title":363,"type":250,"wysiwyg":364},{"element":144,"mediaImage":359,"title":333,"type":137},{"element":128,"content":360},{"srcset":328,"sizes":361,"url":332,"alt":333,"width":153,"height":334},{"400":330,"700":331,"1200":332},"Skills","Skills: A Government Cyber Profession",[365],"\u003Cp>The plan explicitly calls out a demand\u002Fsupply gap in cyber skills across government and proposes establishing the first \u003Cstrong>Government Cyber Professio\u003C\u002Fstrong>n to attract, upskill, retain, and support cyber professionals, alongside clearer career pathways, and partnerships. \u003C\u002Fp>\u003Cp>For industry, this has two implications: \u003C\u002Fp>\u003Col>\u003Cli>Competition for talent remains intense, but\u003C\u002Fli>\u003Cli>A more structured profession could improve capability maturity over time, particularly if paired with consistent standards, tooling, and shared services.\u003C\u002Fli>\u003C\u002Fol>",{"element":210,"imagePosition":211,"title-255":367,"type":213,"anchor":194,"expandsItems":368},"Talan’s critical view: what is strong, and what to watch",[369,373],{"element":216,"title-60":370,"type":218,"wysiwyg":371},"What the plan gets right",[372],"\u003Cul>\u003Cli>\u003Cstrong>It is honest about feasibility and root causes.\u003C\u002Fstrong> It explicitly revises expectations versus 2030 and foregrounds legacy, control maturity, and dependency risks.\u003C\u002Fli>\u003Cli>\u003Cstrong>It moves from narrative to operating model.\u003C\u002Fstrong> Named risk ownership, governance groups, and defined responsibilities are a meaningful step change in accountability.\u003C\u002Fli>\u003Cli>\u003Cstrong>It treats resilience as more than “cyber defence”.\u003C\u002Fstrong> Non-malicious outages and recovery complexity are treated as first-class concerns.\u003C\u002Fli>\u003Cli>\u003Cstrong>It recognises culture as a control. \u003C\u002Fstrong>“Defend as One,” transparency, safe reporting, and empowered teams are explicitly described as behaviours to embed\u003C\u002Fli>\u003C\u002Ful>",{"element":216,"title-60":374,"type":218,"wysiwyg":375},"The execution risks that will determine success",[376],"\u003Cul>\u003Cli>\u003Cstrong>Reporting without action.\u003C\u002Fstrong> More data and assurance only reduce risk if they drive prioritised remediation and sustained funding.\u003C\u002Fli>\u003Cli>\u003Cstrong>Skills and delivery capacity.\u003C\u002Fstrong> A new profession helps, but building capability fast enough, while also delivering major remediation (legacy, monitoring, response readiness), is challenging.\u003C\u002Fli>\u003Cli>\u003Cstrong>Supplier dependency and leverage. \u003C\u002Fstrong>Government can define expectations but enforcing them consistently across fragmented procurement routes is hard unless contractual and assurance mechanisms are aligned.\u003C\u002Fli>\u003Cli>\u003Cstrong>Balancing central direction with local autonomy. \u003C\u002Fstrong>The plan’s model depends on clear thresholds for escalation and on trust in shared services, otherwise “defend as one” can become “defend alone but report more.”\u003C\u002Fli>\u003C\u002Ful>",{"element":201,"hideSeparator":378,"type":203,"wysiwyg":379},"0",[380],"\u003Ch3>What CISOs and leaders should do now \u003C\u002Fh3>\u003Cp>Even if you are outside government, this plan provides a useful blueprint for \u003Cstrong>how large, federated organisations can manage systemic cyber risk\u003C\u002Fstrong>. For public sector CISOs, suppliers, and regulated operators, we recommend focusing on the next 90–180 days: \u003C\u002Fp>\u003Col>\u003Cli>\u003Cstrong>Reconfirm risk ownership and board reporting.\u003C\u002Fstrong> Ensure board-level cyber expertise is in place and reporting covers suppliers and critical dependencies, not only internal controls.\u003C\u002Fli>\u003Cli>\u003Cstrong>Align your maturity narrative to CAF outcomes (where applicable).\u003C\u002Fstrong> If you operate in or supply government-aligned sectors, expect CAF-aligned language to become more common in assurance and sponsorship conversations.\u003C\u002Fli>\u003Cli>\u003Cstrong>Build an “evidence pack” for secure-by-design delivery.\u003C\u002Fstrong> Be ready to show how you embed security and resilience in architecture and delivery, including monitoring and response readiness.\u003C\u002Fli>\u003Cli>\u003Cstrong>Map your top risks to the plan’s “government-wide” patterns.\u003C\u002Fstrong> Look hard at common vulnerabilities exploitable at scale, shared platforms, and supplier concentration risks.\u003C\u002Fli>\u003Cli>\u003Cstrong>Refresh incident response and recovery assumptions.\u003C\u002Fstrong> Assume concurrent incidents and complex recovery; validate supplier support arrangements; and exercise for realistic service disruption.\u003C\u002Fli>\u003Cli>\u003Cstrong>Start PQC planning if you have long-lived cryptography dependencies. \u003C\u002Fstrong>The plan signals a government-wide approach and roadmap for post-quantum migration, which will cascade into supplier roadmaps over time.\u003C\u002Fli>\u003C\u002Fol>",{"element":201,"hideSeparator":378,"type":203,"anchor":197,"wysiwyg":382},[383],"\u003Ch4>Where Talan can support \u003C\u002Fh4>\u003Cp>Talan works with public sector and critical service operators to turn plans like this into measurable delivery. Typical support aligned to the Action Plan includes: \u003C\u002Fp>\u003Cul>\u003Cli>CAF-aligned maturity and resilience assessments and remediation roadmaps.\u003C\u002Fli>\u003Cli>Board-level risk appetite facilitation and reporting design.\u003C\u002Fli>\u003Cli>Secure-by-design governance and assurance for new digital services.\u003C\u002Fli>\u003Cli>Supply-chain cyber assurance (including strategic supplier dependency risk).\u003C\u002Fli>\u003Cli>Incident response exercising, recovery planning, and “lessons learned” operationalisation.\u003C\u002Fli>\u003Cli>Post-quantum cryptography (PQC) readiness and migration planning.\u003C\u002Fli>\u003C\u002Ful>",{"element":385,"embedExternalForm":386,"expert":387,"externalFormHeight":392,"title-255":178,"type":393,"anchor":177},"pg-form","\u003Ciframe src=\"https:\u002F\u002Fgo.talan.com\u002Fl\u002F688263\u002F2026-01-07\u002F2fzk7z\" width=\"100%\" height=\"750\" type=\"text\u002Fhtml\" frameborder=\"0\" allowTransparency=\"true\" style=\"border: 0\">\u003C\u002Fiframe>",{"element":123,"name":124,"picture":388,"position":138,"tid":139,"type":140,"href":141},{"element":126,"mediaImage":389,"title":136,"type":137},{"element":128,"content":390},{"srcset":130,"sizes":391,"url":133,"alt":134,"width":135,"height":135},{"325":132,"512":133},"500","form",{"element":395,"ctaLabel":396,"title-255":397,"anchor":181,"ctaLinks":398},"pg-linked-expertises","Discover","Linked capabilities",[399,401,402],{"title":160,"href":400},"\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Fcybersecurity",{"title":160,"href":400},{"title":403,"href":404},"Data Privacy","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-privacy",[406],{"element":407,"type":408,"wysiwyg":409},"pg-source","source",[410],"\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.gov.uk\u002Fgovernment\u002Fnews\u002Fnew-cyber-action-plan-to-tackle-threats-and-strengthen-public-services\" data-entity-type=\"external\">Government Cyber Action Plan\u003C\u002Fa>\u003C\u002Fp>","default",{"element":413,"link":414},"block-header-contact",{"title":415,"href":416},"Contact us","\u002Fuk\u002Fen\u002Fcontact-us-uk",{"footer_top":418},{"footer_uk":419,"olivero_footerblock":441},{"element":420,"links":421,"logo":428,"subtitle":439,"title":440},"block-content-footer",[422,426],{"title":423,"options":424,"content":425},"Your career",[],"\u002Fuk\u002Fen\u002Fjoin-us\u002Fyour-career",{"title":22,"options":427,"content":45},[],{"element":126,"mediaImage":429,"title":438,"type":137},{"element":128,"content":430},{"srcset":431,"sizes":432,"url":435,"alt":436,"width":135,"height":437},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_325x325\u002Fpublic\u002F2024-10\u002FTalan-curious-mind.png.webp?itok=aImG83Wz 325w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_650x650\u002Fpublic\u002F2024-10\u002FTalan-curious-mind.png.webp?itok=SIEVvEZi 650w, https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_1300x1300\u002Fpublic\u002F2024-10\u002FTalan-curious-mind.png.webp?itok=WnG6bPb- 840w",{"325":433,"650":434,"840":435},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_325x325\u002Fpublic\u002F2024-10\u002FTalan-curious-mind.png.webp?itok=aImG83Wz","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_650x650\u002Fpublic\u002F2024-10\u002FTalan-curious-mind.png.webp?itok=SIEVvEZi","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fmax_1300x1300\u002Fpublic\u002F2024-10\u002FTalan-curious-mind.png.webp?itok=WnG6bPb-","Talan-curious-mind-logo","310","Talan-curious-mind","We believe in the diversity of our profiles, the richness of our experiences, our differences of opinion - this is what creates the strength and relevance of the Talan collective.","Join Us ",{"element":442,"id":443,"label":444,"label_display":445,"provider":446,"title":447,"subtitle":439,"title_cta_1":448,"title_cta_2":423,"title_cta_3":22,"url_cta_1":449,"url_cta_2":450,"url_cta_3":79},"drupal-block-footer-block","footer_block","Footer Block","visible","talan_decoupled","Join Us -","Culture and values","\u002Fglobal\u002Fen\u002Fjoin-us\u002Fculture-and-values","\u002Fglobal\u002Fen\u002Fjoin-us\u002Fyour-career",{"id":452,"name":453,"roles":454},0,"Anonymous",[455],"anonymous",[],[],[459,462,465,468,471,474,477,480,483,486,489,492],{"title":460,"url":461},"Careers","\u002Fuk\u002Fen\u002Fjoin-talan-community-curious-minds",{"title":463,"url":464},"Locations","\u002Fuk\u002Fen\u002Four-locations",{"title":466,"url":467},"Legal information and GTCU","\u002Fuk\u002Fen\u002Flegal-information-and-general-terms-and-conditions-use",{"title":469,"url":470},"Ethics & Compliance","\u002Fuk\u002Fen\u002Fethics-compliance",{"title":472,"url":473},"Privacy policy","\u002Fuk\u002Fen\u002Ftalan-group-data-protection-policy",{"title":475,"url":476},"Binding Corporate Rules","\u002Fuk\u002Fen\u002Fbinding-corporate-rules-processor",{"title":478,"url":479},"Carbon Reduction Plan","\u002Fuk\u002Fen\u002Fcarbon-reduction-plan",{"title":481,"url":482},"Digital accessibility","\u002Fuk\u002Fen\u002Fdigital-accessibility",{"title":484,"url":485},"Disclaimers, Terms & Conditions","\u002Fuk\u002Fen\u002Fdisclaimers-terms-conditions",{"title":487,"url":488},"Grievance Policy & Procedure","\u002Fuk\u002Fen\u002Fgrievance-policy-procedure",{"title":490,"url":491},"Modern Slavery Policy","\u002Fuk\u002Fen\u002Fmodern-slavery-policy",{"title":493,"url":494},"Whistleblower Protection Policy","\u002Fuk\u002Fen\u002Fwhistleblower-protection-policy",[496,604,629,709,732],{"title":497,"url":97,"push_image":498,"push_surtitle":499,"push_title":500,"push_tag":97,"push_url":501,"below":502},"Capabilities","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2026-04\u002FMSI-UK-Carbon-Reduction-Plan.jpg.webp","OUR EXPERTISE","Strategic Sustainability Support with a Leading UK Health Provider","\u002Fuk\u002Fen\u002Fstrategic-sustainability-support-leading-uk-health-provider",[503,523,553,577,583],{"title":504,"url":97,"cta_uri":505,"cta_title":506,"below":507},"Consulting","\u002Fuk\u002Fen\u002Fcapabilities\u002Fconsulting\u002Fshaping-your-transformation","See all our Consulting expertise",[508,511,514,517,520],{"title":509,"url":510},"Integrating technology into your strategy","\u002Fuk\u002Fen\u002Fcapabilities\u002Fconsulting\u002Fintegrate-technology-your-strategy",{"title":512,"url":513},"Reinventing your business model","\u002Fuk\u002Fen\u002Fcapabilities\u002Fconsulting\u002Freinvent-your-business-model",{"title":515,"url":516},"Strengthen your resilience and operational excellence","\u002Fuk\u002Fen\u002Fcapabilities\u002Fconsulting\u002Fenhance-your-companys-resilience-and-operational-excellence",{"title":518,"url":519},"Reinventing the customer experience","\u002Fuk\u002Fen\u002Fcapabilities\u002Fconsulting\u002Freinvent-customer-experience-talan",{"title":521,"url":522},"Fully engage your company in sustainable transformation","\u002Fuk\u002Fen\u002Fcapabilities\u002Fconsulting\u002Fsustainable-transformation",{"title":524,"url":97,"cta_uri":525,"cta_title":526,"below":527},"Data and AI","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fcapture-richness-your-data","See all our Data x AI expertise",[528,531,534,537,540,543,544,547,550],{"title":529,"url":530},"Data x AI","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-x-ai",{"title":532,"url":533},"Data Analytics","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-analytics",{"title":535,"url":536},"Data Architecture & Solutions Integration","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-architecture-solutions-integration",{"title":538,"url":539},"Data Governance & Compliance","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-governance-compliance",{"title":541,"url":542},"Data Modelling, Data Warehousing & Big Data","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-modelling-data-warehousing-big-data",{"title":403,"url":404},{"title":545,"url":546},"Data Quality Management","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-quality-management",{"title":548,"url":549},"Data Science & Data Engineering","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-science-data-engineering",{"title":551,"url":552},"Data Strategy","\u002Fuk\u002Fen\u002Fcapabilities\u002Fdata-and-ai\u002Fdata-strategy",{"title":554,"url":97,"cta_uri":555,"cta_title":556,"below":557},"Technology","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Funleashing-power-technology","See all our technological expertise",[558,561,562,565,568,571,574],{"title":559,"url":560},"Smart Automation & RPA","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Fintelligent-automation-rpa-boost-your-companys-efficiency-talan",{"title":160,"url":400},{"title":563,"url":564},"Cyber Threat Intelligence","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Fcyber-threat-intelligence",{"title":566,"url":567},"Ecosystem Cloud","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Fbuild-your-cloud-ecosystem",{"title":569,"url":570},"Microsoft x Talan","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Fmicrosoft-talan",{"title":572,"url":573},"SAP x Talan","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Fsap",{"title":575,"url":576},"Salesforce x Talan","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftechnology\u002Fsalesforce",{"title":578,"url":97,"below":579},"Nurturing positive innovation",[580],{"title":581,"url":582},"Cultivate positive innovation","\u002Fuk\u002Fen\u002Fcapabilities\u002Fnurturing-positive-innovation\u002Fcultivate-positive-innovation-and-transform-your-challenges-opportunities",{"title":584,"url":97,"below":585},"The Talan Method",[586,589,592,595,598,601],{"title":587,"url":588},"Continuum of service: supporting you at every stage of your project","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftalan-method\u002Fcontinuum-services-heart-your-transformation",{"title":590,"url":591},"Enlightening decisions","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftalan-method\u002Ftalan-method-enlightening-decisions",{"title":593,"url":594},"Putting data at the service of change","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftalan-method\u002Ftalan-method-putting-data-service-change",{"title":596,"url":597},"Scaling projects","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftalan-method\u002Ftalan-method-scaling-projects",{"title":599,"url":600},"Innovating through research","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftalan-method\u002Ftalan-method-research-driver-innovation",{"title":602,"url":603},"Mobilising ingenious and committed experts","\u002Fuk\u002Fen\u002Fcapabilities\u002Ftalan-method\u002Ftalan-method-mobilising-ingenious-and-committed-experts",{"title":605,"url":97,"cta_uri":606,"cta_title":607,"below":608},"Industries","\u002Fuk\u002Fen\u002Four-industries","See all industries",[609,613,617,621,625],{"title":610,"url":611,"link_thumbnail":612},"Energy","\u002Fuk\u002Fen\u002Findustries\u002Fdigital-transformation-propel-your-energy-and-environmental-company-future-0","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002Fshutterstock_2276246949.jpg.webp",{"title":614,"url":615,"link_thumbnail":616},"Bank & Finance","\u002Fuk\u002Fen\u002Findustries\u002Fbanking-and-finance-unleash-your-transformation-potential-0","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002Fshutterstock_1407617270.jpg.webp",{"title":618,"url":619,"link_thumbnail":620},"Insurance","\u002Fuk\u002Fen\u002Findustries\u002Fguiding-insurance-sector-through-transformations-0","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002Fshutterstock_2212041425.jpg.webp",{"title":622,"url":623,"link_thumbnail":624},"Health","\u002Fuk\u002Fen\u002Findustries\u002Ftransforming-healthcare-0","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-09\u002Fshutterstock_1958734429%20%281%29.jpg.webp",{"title":626,"url":627,"link_thumbnail":628},"Public Services","\u002Fuk\u002Fen\u002Findustries\u002Fdigital-transformation-and-modernisation-public-services","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002Fshutterstock_2433950661_0.jpg.webp",{"title":95,"url":97,"push_image":630,"push_surtitle":631,"push_title":632,"push_tag":97,"push_url":633,"below":634},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2026-04\u002Fhalifax-bank-cash-machine-atm-uk-high-street.jpg.webp","INSIGHT","The UK's Open Finance Roadmap Is Here: From Vision to Value","\u002Fuk\u002Fen\u002Fuks-open-finance-roadmap-here-vision-value",[635,661,688],{"title":95,"url":97,"cta_uri":636,"cta_title":637,"below":638},"\u002Fuk\u002Fen\u002Fall-our-insights","See all our insights",[639],{"element":640,"rows":641},"drupal-view",[642,647,649,653,657],{"element":643,"title":644,"type":171,"nid":645,"href":646,"lang":8,"domain":35},"node-insight-menu","The real cyber AI risk no one is talking about ","2955","\u002Fuk\u002Fen\u002Fai-cyber-risk-no-one-really-talking-about",{"element":643,"title":632,"type":171,"nid":648,"href":633,"lang":8,"domain":35},"2957",{"element":643,"title":650,"type":171,"nid":651,"href":652,"lang":8,"domain":35},"Making Local Energy Markets Work in Practice","2923","\u002Fuk\u002Fen\u002Fmaking-local-energy-markets-work-practice",{"element":643,"title":654,"type":171,"nid":655,"href":656,"lang":8,"domain":35},"What does it take to enter the GB Flexibility Market?","2920","\u002Fuk\u002Fen\u002Fwhat-does-it-take-enter-gb-flexibility-market",{"element":643,"title":658,"type":171,"nid":659,"href":660,"lang":8,"domain":35},"What is the best approach to managing Smart Data privacy risks? ","2906","\u002Fuk\u002Fen\u002Fwhat-best-approach-managing-smart-data-privacy-risks",{"title":662,"url":97,"cta_uri":663,"cta_title":664,"below":665},"Case studies","\u002Fuk\u002Fen\u002Fall-our-use-cases","See all our case studies",[666],{"element":640,"rows":667},[668,672,676,680,684],{"element":669,"title":500,"type":670,"nid":671,"href":501,"lang":8,"domain":35},"node-case-studies-menu","case_studies","2960",{"element":669,"title":673,"type":670,"nid":674,"href":675,"lang":8,"domain":35},"Advising regional heat pump adoption for local government","2930","\u002Fuk\u002Fen\u002Fadvising-regional-heat-pump-adoption-local-government",{"element":669,"title":677,"type":670,"nid":678,"href":679,"lang":8,"domain":35},"Developing a Heat Network Roadmap","2922","\u002Fuk\u002Fen\u002Fdeveloping-heat-network-roadmap",{"element":669,"title":681,"type":670,"nid":682,"href":683,"lang":8,"domain":35},"AI Adoption Programme: How to Accelerate Enterprise AI Transformation","2144","\u002Fuk\u002Fen\u002Fai-adoption-program-enterprise",{"element":669,"title":685,"type":670,"nid":686,"href":687,"lang":8,"domain":35},"Unlocking Ireland’s Net Zero Future with Renewable Liquid Gases","2139","\u002Fuk\u002Fen\u002Funlocking-irelands-net-zero-future-renewable-liquid-gases",{"title":689,"url":97,"cta_uri":690,"cta_title":691,"below":692},"See us at","\u002Fuk\u002Fen\u002Fall-our-events","All our events",[693],{"element":640,"rows":694},[695,701,705],{"element":696,"title":697,"type":698,"nid":699,"href":700,"lang":8,"domain":35},"node-appointment-menu","British Forces in Business Awards 2026","appointment","3149","\u002Fuk\u002Fen\u002Fbritish-forces-business-awards-2026",{"element":696,"title":702,"type":698,"nid":703,"href":704,"lang":8,"domain":35},"Mythos and beyond: What the wider AI shift means for the threat landscape","3141","\u002Fuk\u002Fen\u002Fmythos-and-beyond-what-wider-ai-shift-means-threat-landscape",{"element":696,"title":706,"type":698,"nid":707,"href":708,"lang":8,"domain":35},"DataFest 2026","3139","\u002Fuk\u002Fen\u002Fdatafest-2026",{"title":710,"url":97,"below":711},"Join Us",[712,716,719,722,726,730],{"title":713,"url":714,"link_thumbnail":715},"Cultures and Values","\u002Fuk\u002Fen\u002Fjoin-us\u002Fculture-and-values","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2025-02\u002FTalan-PRO-62_0.jpg.webp",{"title":717,"url":461,"link_thumbnail":718},"Join Talan","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002FTALAN-2000-18_0.jpg.webp",{"title":22,"url":720,"link_thumbnail":721},"https:\u002F\u002Fwww.talan.com\u002Fuk\u002Fen\u002Four-job-offers?country=gb","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002FTalan-PRO-7_1.jpg.webp",{"title":723,"url":724,"link_thumbnail":725},"Our recruitment process","\u002Fuk\u002Fen\u002Fjoin-us\u002Four-recruitment-process","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002FTalan-PRO-48_2.jpg.webp",{"title":727,"url":728,"link_thumbnail":729},"Talan day-to-day","\u002Fuk\u002Fen\u002Fjoin-us\u002Ftalan-action","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002FTalan-PRO-54_1.jpg.webp",{"title":423,"url":425,"link_thumbnail":731},"https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2024-10\u002FTalan-PRO-61.jpg.webp",{"title":733,"url":97,"push_image":734,"push_surtitle":735,"push_title":736,"push_tag":97,"push_url":737,"below":738},"ABOUT US","https:\u002F\u002Fstatic.talan.com\u002Fs3fs-public\u002Fstyles\u002Fw_400\u002Fpublic\u002F2026-03\u002FB%20Corp%20Webpage%20Image_0.jpg.webp","NEWS","Talan UK & Ireland Achieves Prestigious B Corp Certification","\u002Fuk\u002Fen\u002Ftalan-uk-ireland-achieves-prestigious-b-corp-certification",[739,754,765,792,807],{"title":740,"url":97,"below":741},"Our vision",[742,745,748,751,752],{"title":743,"url":744},"About Talan","\u002Fuk\u002Fen\u002Fabout-us\u002Four-vision\u002Fwho-we-are",{"title":746,"url":747},"CSR Commitment","\u002Fuk\u002Fen\u002Fabout-us\u002Four-vision\u002Fcsr-commitment-talan",{"title":749,"url":750},"Diversity and inclusion at Talan","\u002Fuk\u002Fen\u002Fabout-us\u002Four-vision\u002Fdiversity-and-inclusion-talan",{"title":599,"url":600},{"title":29,"url":753},"\u002Fuk\u002Fen\u002Fcapabilities\u002Fnurturing-positive-innovation\u002Fpositive-innovation",{"title":755,"url":97,"below":756},"Our group",[757,759,762],{"title":758,"url":464},"Our locations",{"title":760,"url":761},"Our organisation","\u002Fuk\u002Fen\u002Fabout-us\u002Four-group\u002Four-organisation",{"title":763,"url":764},"The Talan group ecosystem","\u002Fuk\u002Fen\u002Fabout-us\u002Four-group\u002Ftalan-group-ecosystem",{"title":766,"url":97,"cta_uri":767,"cta_title":768,"below":769},"Our news","\u002Fuk\u002Fen\u002Four-news","See all our news",[770],{"element":640,"rows":771},[772,778,782,784,788],{"element":773,"title":774,"type":775,"nid":776,"href":777,"lang":8,"domain":35},"node-news-menu","Why fixing the UK’s energy pricing problem is a leadership challenge","news","3024","\u002Fuk\u002Fen\u002Fwhy-fixing-uks-energy-pricing-problem-leadership-challenge",{"element":773,"title":779,"type":775,"nid":780,"href":781,"lang":8,"domain":35},"Talan supports delivery of Gas Safe Register student engagement trial","2929","\u002Fuk\u002Fen\u002Ftalan-supports-delivery-gas-safe-register-student-engagement-trial",{"element":773,"title":736,"type":775,"nid":783,"href":737,"lang":8,"domain":35},"2890",{"element":773,"title":785,"type":775,"nid":786,"href":787,"lang":8,"domain":35},"TenSquare, the new brand dedicated to strategy consulting from the Talan group ","2743","\u002Fuk\u002Fen\u002Ftensquare-new-brand-dedicated-strategy-consulting-talan-group",{"element":773,"title":789,"type":775,"nid":790,"href":791,"lang":8,"domain":35},"UK’s leading infrared heating manufacturers, Welsh government, and social housing providers join forces at Baglan infrared showcase event","2746","\u002Fuk\u002Fen\u002Fuks-leading-infrared-heating-manufacturers-welsh-government-and-social-housing-providers-join-forces-baglan-infrared-showcase-event",{"title":793,"url":97,"below":794},"Expert communities",[795,798,801,804],{"title":796,"url":797},"Discover our experts","\u002Fuk\u002Fen\u002Fabout-us\u002Fexpert-communities\u002Fall-our-experts",{"title":799,"url":800},"Our Oracle community blog","https:\u002F\u002Finsum.talan.com\u002Ffr\u002Fressources\u002Fblogue\u002F",{"title":802,"url":803},"Our SAP community blog","https:\u002F\u002Fwww.jaimemonsap.com\u002F",{"title":805,"url":806},"The data blog","https:\u002F\u002Fblog.talan.com\u002Fcategory\u002Fdata\u002F",{"title":808,"url":809,"cta_uri":809,"cta_title":810},"Awards & Certificates","https:\u002F\u002Fwww.talan.com\u002Fuk\u002Fen\u002Four-uk-awards-certificates","See all our Awards & Certificates"]