GovAssure explained

GovAssure is a new cybersecurity regime for the UK government, starting in 2023.

History

The process was announced in 2022.[1] Compared to previous cybersecurity for UK government bodies, the main change is the adoption of the NCSC's Cyber Assessment Framework.[2] GovAssure is expected to help organisations guard against rising Russian attacks,[3] as well as new types of threat actors.

The first two departments to be assessed under the new scheme are the Department for Business, Energy, and Industrial Strategy and the Home Office, with C3IA assessing a selection of three systems at each.[4]

Processes

There is also increasing emphasis on post-incident recovery as part of the security strategy.

In parallel, a Government Information Cell has been established to counter the spread of disinformation.[7]

Further reading

Notes and References

  1. Web site: 2023-08-24 . Comment on Gov Assure process part of the UK's National Cyber Strategy 2022 programme . 2023-08-24 . Global Security Mag Online . en.
  2. Web site: New GovAssure cyber regime launches across UK government Computer Weekly . 2023-08-24 . ComputerWeekly.com . en.
  3. Web site: Deslandes . Nicole . 2023-04-19 . UK issues warning over new Russian-linked cyber threat . 2023-08-24 . TechInformed . en-US.
  4. Web site: 2023-01-18 . Home Office and BEIS first under the microscope in pilots of new cyber audits . 2023-08-24 . Civil Service World . en.
  5. Web site: Government launches new cyber security measures to tackle ever growing threats . 2023-08-24 . GOV.UK . en.
  6. Web site: UK launches GovAssure cybersecurity scheme to protect government IT functions . 2023-08-24 . CSO Online . en-US.
  7. Web site: 2022-04-08 . Departments to undergo independent audits of cyber resilience . 2023-08-24 . Civil Service World . en.