UK Museums left vulnerable to cyber-attack as government overly reactive in face of threats
The Public Accounts Committee (PAC) is warning that national museums and galleries are being left vulnerable to a range of issues from threats from cyber security to the physical security of collections, as the Government continues to rely on a reactive, rather than a strategic approach.
A number of high-profile incidents in 2023, including both the cyber-attack at the British Library and the thefts reported at the British Museum, served to highlight the vulnerability of these institutions.
Although the Government has facilitated the sharing of lessons, it was unable to provide specific examples of concrete actions taken as a result to better protect systems and collections in the wake of these incidents.
The Committee does not believe that the DCMS is taking advantage of its central role to bring museums and galleries together to better address these issues. It finds that measures including the implementation of digital record keeping should be considered and has asked the DCMS to set out the concrete actions it and museums and galleries have taken and are taking to address cyber and physical security threats.
The UK’s national museums and galleries are among the country’s most visited attractions, with the Natural History Museum alone drawing in 7.1m visitors in 2025. In 2024-25, museum and galleries self-generated income totalled £563 million, which is a 53% real-terms increase compared to 2021-22.
Those income streams, however, are vulnerable to wider economic conditions and visitor numbers which have not returned to pre-pandemic levels, with costs also rising due higher staff costs and energy bills.
Amid these challenges, the Department for Culture, Media and Sport (DCMS) provided 15 government-sponsored museums and galleries with £484m in grant-in-aid funding in 2024-25. This represents a real terms reduction of 16% as emergency COVID-19 pandemic funding has now ended.
The PAC recommends that the DCMS should set out clear metrics by which it will assess museums and galleries, and what consequences there will be for those that do not meet the criteria it sets out to measure them against.
You can read more on this here – https://committees.parliament.uk/committee/127/public-accounts-committee/news/214455/museums-left-vulnerable-to-cyberattack-as-government-overly-reactive-in-face-of-threats/
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.