Starters Guide to the NCSC Cyber Assessment Framework

The UK's Cyber Strategy and Beyond

Understanding the role the NCSC CAF has to play

The National Cyber Strategy has set out the government’s ambition to firmly establish the UK as a cyber power. In a world fundamentally shaped by technology, the UK’s legitimacy as a cyber power is however dependent upon its domestic cyber resilience. The cornerstone of which is government and public sector organisations that deliver the functions and services which maintain and promote the UK’s economy and society.

The aim is clear - for government’s critical functions to be significantly hardened to cyber attack by 2025, with all government organisations across the whole public sector being resilient to known vulnerabilities and attack methods no later than 2030.

To achieve the level of organisation and visibility of cyber security risk across government requires extensive processes, mechanisms and partnerships to be established. This is a task that requires the right skills, knowledge and technology to achieve successful adoption across the varying levels of cyber maturity, capability and capacity. The task at hand is clear and the time for action is now.