tmc3-primary-logo-blue - Copy


Starters Guide to the NCSC Cyber Assessment Framework

Stuck on where to begin with the NCSC CAF? In this guide, we show you where to start and what you need to look out for.


The UK's Cyber Strategy and Beyond

Understanding the role the NCSC CAF has to play

The National Cyber Strategy has set out the government’s ambition to firmly establish the UK as a cyber power. In a world fundamentally shaped by technology, the UK’s legitimacy as a cyber power is however dependent upon its domestic cyber resilience. The cornerstone of which is government and public sector organisations that deliver the functions and services which maintain and promote the UK’s economy and society.

The aim is clear - for government’s critical functions to be significantly hardened to cyber attack by 2025, with all government organisations across the whole public sector being resilient to known vulnerabilities and attack methods no later than 2030.

To achieve the level of organisation and visibility of cyber security risk across government requires extensive processes, mechanisms and partnerships to be established. This is a task that requires the right skills, knowledge and technology to achieve successful adoption across the varying levels of cyber maturity, capability and capacity. The task at hand is clear and the time for action is now.

You'll learn about:

Introduction to the UK Cyber Security Strategy 2022.

The cyber assessment framework – objectives, principles, and outcomes.

How to get started with a successful implementation project (from any level of maturity).



“This is an ambitious but necessary strategy that demands action across all of government. We must meet our responsibility to ensure that government’s functions and services are resilient to the cyber threats they face - creating a stronger, better-defended government that is the foundation of our status as a cyber power.”

Rt Hon Steve Barclay MP, Minister for the Cabinet Office