UK government’s Vulnerability Monitoring System is working • The Register

https://www.theregister.com/2026/03/02/uk_gov_nips_public_sector/

Publish Date: 2026-03-01 22:27:00

Infosec In Brief DNS vulnerabilities are being addressed 84 percent faster in the UK public sector thanks to an automated vulnerability scanning system established as part of a program kicked off early last year.

The Department for Science, Innovation and Technology (DSIT) last week said its Vulnerability Monitoring System (VMS), introduced as part of the Blueprint for Modern Digital Government delivered in January 2025, has reduced the identification and remediation of DNS vulnerabilities in public sector sites from an average of 50 days to just eight.

According to the Department, VMS uses a combination of commercial and proprietary scanning tools to detect vulnerabilities and DNS configurations that could be compromised by attackers. The automated system constantly scans some 6,000 websites hosted by UK public sector agencies, DSIT said, and is configured to check for around 1,000 different vulnerabilities.

Along with its DNS vulnerability improvements, VMS has also reduced the median time to fix other issues from 53 days to 32 days, cut the backlog of critical open domain-related vulnerabilities by 75 percent, and resolved around 400 confirmed vulnerabilities a month since its inception.

“The vulnerability monitoring service has transformed how quickly we can spot and fix weaknesses before they’re exploited so we can protect against that,” Minister for Digital Government Ian Murray said of the new system.

Murray also announced a new career pipeline designed to motivate security professionals to seek jobs at the DSIT and the UK’s National Cyber Security Centre, in order to “protect the services that matter most to people’s lives.”

“Cyber-attacks aren’t abstract threats – they delay NHS appointments, disrupt essential services, and put people’s most sensitive data at risk,” the minister added. “When public…

Source