Government launches new cybersecurity measures

The government has announced new and enhanced cyber security measures to better protect the UK government's IT systems from growing cyber threats.

All government departments and some arm's length bodies will have their cybersecurity reviewed under new, more stringent measures.

The new cyber security regime, which will be known as GovAssure, will be run by the Government Security Group, part of the Cabinet Office, with input from the National Cyber Security Centre (NCSC).

Chancellor of the Duchy of Lancaster, The Rt Hon Oliver Dowden said: "Cyber threats are growing, which is why we are committed to overhauling our defences to better protect government from attacks. Today’s stepped up cyber assurance will strengthen government systems, which run vital services for the public, from attacks. It will also improve the country’s resilience; a key part of our recent Integrated Review Refresh."

There will be changes in the way the government protects itself from cyber threats, including using NCSC’s Cyber Assessment Framework (CAF) to review the assurance measures all government departments have. The framework includes measures such as setting out indicators of good practice for managing security risk and protecting against a cyber attack and was designed for making critical national services resilient to attack.

Departments will be assessed by third parties to increase standardisation and validate results. There will also be a centralised cyber security policy and guidance to help government organisations identify best practice.

Government chief security officer, Vincent Devine said: "This is a transformative change in government cyber security. GovAssure will give us far greater visibility of the common cyber security challenges facing government. It will set clear expectations for departments, empower hard-working cyber security professionals to strengthen the case for security change and investment, and will be a powerful tool for security advocacy."

Lindy Cameron, CEO, National Cyber Security Centre said: "We are committed to ensuring the UK continues to be a leading global cyber nation, which is why we have supported the development of the Cyber Assessment Framework to improve the security of our most critical information systems.

"The government’s adoption of the Cyber Assessment Framework through GovAssure will significantly improve resilience."