- The fan-favorite 8TB T5 Evo SSD is almost 50% off at Samsung for Black Friday
- This Samsung projector is secretly the best gaming console you can buy, and it's on sale for Black Friday
- I tested the best Mint alternatives, and this is my favorite money app
- 5 ways to achieve AI transformation that works for your business
- Tech winners and losers of 2024: For every triumph, a turkey
UK Strengthens Cybersecurity Audits for Government Agencies
The UK Government has officially launched GovAssure, a new regime of independent audits of government agencies’ cyber resilience, the Chancellor of the Duchy of Lancaster Oliver Dowden announced during the CYBERUK 2023 conference in Belfast, on April 19, 2023.
First introduced alongside the Government Cyber Security Strategy, published in 2022, GovAssure will mandate all Whitehall departments to go through annual independent, more robust security audits, based on the guidelines set out in the Cyber Assessment Framework of the National Cyber Security Centre (NCSC).
Initially designed for operators of critical national infrastructure (CNI), the Cyber Assessment Framework includes a number of measures, such as establishing indicators of good practice for cyber risk management and protecting against cyber intrusions.
It also introduces third-party audits to increase standardization and validate results, and centralized cybersecurity policies and guidance to help government bodies identify what best practice looks like.
This enhanced cybersecurity measure will “help ministers understand cyber risk across government and deliver on a key part of the government’s Cyber Security Strategy by improving government resilience and helping public bodies protect themselves,” Dowden said.
Michael Ellis, Cabinet Office minister and paymaster general argued that this new programme will also create a more coherent vision of the government’s cybersecurity maturity and posture across all agencies.
“This will create a single lens through which we can understand cyber risk across government and enable government departments to accurately assess their level of cyber assurance and highlight priority areas for improvement. GovAssure will also help us to take a strategic view of government vulnerability – to help inform a strategic roadmap to truly defend as one,” Ellis said.
This announcement comes the same day the NCSC issued a warning about the growing threat of “state-aligned” Russian cyber offensive groups on the UK’s CNI.
GovAssure will be run by the Cabinet Office’s Government Security Group (GSG), with input from the NCSC.
Image credit: Daniel Gale / Shutterstock.com
