The Cabinet Office has formally launched the GovAssure scheme for cyber security audits in UK government departments.
It will be run by the Government Security Group (CSG) in the Cabinet Office with input from the National Cyber Security Centre (NCSC).
Chancellor to the Duchy of Lancaster Oliver Dowden MP announced the launch of the scheme – which was first announced early last year – in a speech at the CyberUK event in Belfast.
It will involve all departments and a select number of arm’s length bodies being subject to stringent annual reviews of their cyber security under the NCSC’s Cyber Assessment Framework, with assessments by third parties to increase standardisation and validate results.
Dowden said: “Today’s stepped up cyber assurance will strengthen government systems, which run vital services for the public, from attacks. It will also improve the country’s resilience; a key part of our recent Integrated Review Refresh.”
Government Chief Security Officer, Vincent Devine said: “This is a transformative change in government cyber security. GovAssure will give us far greater visibility of the common cyber security challenges facing government.
“It will set clear expectations for departments, empower hard-working cyber security professionals to strengthen the case for security change and investment, and will be a powerful tool for security advocacy.”
NCSC CEO Lindy Cameron commented: “We are committed to ensuring the UK continues to be a leading global cyber nation, which is why we have supported the development of the Cyber Assessment Framework to improve the security of our most critical information systems.
“The Government’s adoption of the Cyber Assessment Framework through GovAssure will significantly improve resilience.”