**Which Countries Are Best-Placed to See Off State-Supported Cyber-Attacks? A Government Advisor Explains**

The world witnessed one of the first major cyber-attacks on civil society in 2007, when Estonia was targeted by a series of massive "distributed denial of service" assaults. The Baltic nation's government websites, banks, media outlets, and online services were slowed or shut down for weeks, following Estonia's decision to relocate a Soviet-era war memorial. Although the cyber-attack was not officially sanctioned by Russia, investigations revealed Russian connections.

Estonia has since transformed itself into a leader in cybersecurity, home to Nato's Cyber Defence Centre of Excellence and ranking fifth in the International Telecommunication Union's global cybersecurity index, alongside the UK. However, the UK lags behind Estonia in its cybersecurity planning. A 2025 government review found that nearly one-third of the UK's public sector IT systems were "critically vulnerable" due to historical underinvestment.

The problem is that nothing is ever urgent – until everything is. International cyber-attacks on the UK increased by 50% last year, with "nationally significant" incidents rising from 89 to 204. The recent launch of the Cyber Action Plan and cross-party international security briefing co-chaired by Richard Horne, CEO of the National Cyber Security Centre, aims to address these threats.

But can this more preemptive approach staunch the flow of cyber-attacks on the UK? In my experience advising European and Asian governments on cybersecurity matters, I believe that the problem is not just a matter of urgency but also of prioritizing public trust. Imagine welfare benefits going unpaid, tax returns being ignored, and health records frozen amid a major ransomware crisis.

The new plan prioritizes central government digital services, including tax, benefits, health records, and identity verification. It pledges £210 million in additional funding to address the difficulty of attracting highly paid private-sector engineers, analysts, and penetration testers to the public sector. While establishing a Government Cyber Unit is welcome, its phased rollout to 2029 feels too leisurely amid the level of threats the UK now faces.

Countries that lead the way on cyber-defence share key ingredients: mandatory rapid reporting of incidents, serious investment in AI-powered monitoring, real-time sharing of information between government and private sectors, and strong international partnerships. The US stands out, spending an annual $25 billion (£18 billion) on defending its IT systems, compared with the UK's £2-2.6 billion.

Australia's budget – A$6.2 billion (£3.2 billion) – also exceeds the UK's, despite its smaller population. It enforces strict rules such as 12-hour critical incident reporting and prioritizes investing in new technologies. Since Russia launched its full-scale invasion of Ukraine four years ago, it has woven cyber operations into its hybrid warfare playbook.

The UK needs to lean harder into its alliances with Nato and the EU, insist on compulsory AI-threat training across government and key industries, and show more willingness to expose attackers publicly. A timely but measured response should at least raise the risk (and cost) of the next cyber-attack for state-sponsored perpetrators.

**Key Takeaways:**

* **Cybersecurity planning**: Estonia has transformed itself into a leader in cybersecurity, while the UK lags behind. * **Investment**: The US spends $25 billion (£18 billion) annually on defending its IT systems, compared with the UK's £2-2.6 billion. * **Mandatory reporting**: Countries that lead the way on cyber-defence share key ingredients, including mandatory rapid reporting of incidents and serious investment in AI-powered monitoring. * **International partnerships**: The UK needs to lean harder into its alliances with Nato and the EU to counter state-sponsored cyber-attacks.

**Expert Insights:**

* "Nothing is ever urgent – until everything is." * "The problem is not just a matter of urgency but also of prioritizing public trust." * "Countries that lead the way on cyber-defence share key ingredients: mandatory rapid reporting of incidents, serious investment in AI-powered monitoring, real-time sharing of information between government and private sectors, and strong international partnerships."