"The department has been reactive rather than strategic, having identified issues that need addressing, but with few examples of it initiating concrete action as a result," Parliament’s Public Accounts Committee (PAC) wrote in a report published on June 24.
Parliament’s Public Accounts Committee critique
The PAC’s report issues a blunt assessment: the Department for Culture, Media and Sport (DCMS) has not taken sufficient strategic responsibility for the cybersecurity (and related physical-security) risks facing national galleries and museums. Citing recent high-profile incidents, the committee says the department has identified problems but offered “few examples” of initiating concrete action itself. The report warns that this reactive stance risks exposing collections and systems to further harm and calls on DCMS to set out “concrete actions” it has taken and is taking to address those risks.
Department for Culture, Media and Sport response and Cyber Action Plan
DCMS acknowledged a historically reactive approach and told the committee it is shifting toward a more central advisory role. “The department assured us that it was now working closely with the organizations on how it can provide central advice on improving cyber-resilience and minimising the threat and impact of cyber-attacks,” the report noted.
DCMS said it is tackling skills shortages and creating shared “artefacts” that arm’s-length bodies can use to address differing cybersecurity needs. The department points to its Cyber Action Plan — backed by £210m ($285m) — which aims to improve baseline security standards and central government support for departments, tackle legacy technology, improve visibility of risks, and enhance incident response across public bodies by 2030.
British Library ransomware and thefts from the British Museum
The PAC highlighted the ransomware attack on the British Library and thefts from the British Museum as concrete examples of what it described as the government’s failing approach. The British Library incident, the report records, damaged much of the library’s server estate and resulted in the theft of 600GB of internal data. The library told reporters that in 2024 it had already spent £1.6m recovering from that incident. While the committee notes that DCMS has facilitated the sharing of lessons from these cases, it found that the department “could not provide us with specific examples of actions taken as a result to protect museums’ and galleries’ systems and collections.”
What this means for technologists and security teams; policymakers and regulators; museums, galleries, and trustees
- Technologists and security teams: they will be watching for the central “artefacts” and guidance DCMS says it is preparing, and for clearer incident-response support tied to the Cyber Action Plan’s aims to improve visibility of risks and enhance incident response.
- Policymakers and regulators: the PAC has asked DCMS to move from facilitation to demonstrable action by setting out concrete measures. The £210m-backed plan and a 2030 timeline create a framework against which progress can be judged.
- Museums, galleries, and trustees: while the report reiterates that responsibility primarily rests with individual institutions and their trustees, the PAC expects DCMS to capture lessons from high-profile incidents and to share usable protections so that recovery from events like the British Library ransomware attack does not fall entirely on individual institutions’ budgets and resilience.
Next steps for DCMS and the sector
The report leaves a narrow, practical question: will DCMS translate facilitation and a funded Cyber Action Plan into specific, demonstrable protections for national museums and galleries? The PAC has asked for concrete actions; DCMS has described ongoing work and a funding-backed plan aimed at strengthening baseline standards and tackling legacy technology by 2030. The record in the report, however, shows that sharing lessons from the British Library and British Museum incidents has not yet translated into identified, sector-wide changes — at least not ones the department could cite to the committee.
For cultural institutions that hold both irreplaceable artefacts and increasingly valuable digital records, the mismatch between identified risks and documented government action is the central concern the PAC has placed under scrutiny. Whether DCMS can produce the “specific examples” the committee seeks will be the clearest indicator that its shift from reactive support to strategic leadership has taken hold.




