With recent announcements of more stringent cyber security measures being implemented across all government departments and a select number of arm’s length bodies, there has never been a better time for Wales to accelerate its cyber security ambitions.
New cyber security measures will increase the UK’s cyber resilience and protect the UK government’s essential IT functions and under new rules, all central government departments will now have their cyber health reviewed annually through new, more robust criteria.
Known as GovAssure, the new cyber security scheme will be run by the Cabinet Office’s Government Security Group (GSG), with input from the National Cyber Security Centre (NCSC).
As the UK begins to grapple with increasing threats to its digital infrastructure, it is essential organisations in Wales take proactive steps to protect their and secure their digital assets.
GovAssure was announced by Chancellor to the Duchy of Lancaster, Oliver Dowden, at a speech to CyberUK in Belfast last week.
Chancellor of the Duchy of Lancaster, The Rt Hon Oliver Dowden said:
Cyber threats are growing, which is why we are committed to overhauling our defences to better protect government from attacks. Today’s stepped up cyber assurance will strengthen government systems, which run vital services for the public, from attacks. It will also improve the country’s resilience; a key part of our recent Integrated Review Refresh.
GovAssure introduces a number of changes in the way government protects itself from cyber threats. These include:
- Using NCSC’s Cyber Assessment Framework (CAF) to review the assurance measures all government departments have. The framework includes measures such as setting out indicators of good practice for managing security risk and protecting against a cyber attack and was designed for making critical national services resilient to attack.
- Departments will also be assessed by third parties to increase standardisation and validate results.
- Centralised cyber security policy and guidance to help government organisations identify best practice.
In January 2022, the UK government launched the first ever Government Cyber Security Strategy (GCSS) which laid out the significant challenges facing government security and a clear vision for improving resilience. Today’s announcement delivers on a key part of the aim of the strategy of significantly hardening government systems from cyber attack.
Government Chief Security Officer, Vincent Devine said:
This is a transformative change in government cyber security. GovAssure will give us far greater visibility of the common cyber security challenges facing government. It will set clear expectations for departments, empower hard-working cyber security professionals to strengthen the case for security change and investment, and will be a powerful tool for security advocacy.
Lindy Cameron, CEO, National Cyber Security Centre said:
We are committed to ensuring the UK continues to be a leading global cyber nation, which is why we have supported the development of the Cyber Assessment Framework to improve the security of our most critical information systems.
The government’s adoption of the Cyber Assessment Framework through GovAssure will significantly improve resilience.
In this new era of heightened digital vigilance, Wales has the opportunity to establish itself as a global leader in cyber security, fostering innovation and resilience while safeguarding its future in the digital age.