Misplaced Pages

GovAssure: Difference between revisions

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Browse history interactively← Previous editNext edit →Content deleted Content addedVisualWikitext
Revision as of 10:49, 10 July 2023 editBobrayner (talk | contribs)Autopatrolled, Extended confirmed users, Pending changes reviewers, Rollbackers53,706 edits plus some categories← Previous edit Revision as of 11:01, 17 July 2023 edit undo51.149.8.48 (talk)No edit summaryTags: Mobile edit Mobile web editNext edit →
Line 1: Line 1:
'''GovAssure''' is a new cybersecurity regime for the UK ], starting in 2022. '''GovAssure''' is a new cybersecurity regime for the UK ], starting in 2023.


==History== ==History==

Revision as of 11:01, 17 July 2023

GovAssure is a new cybersecurity regime for the UK government, starting in 2023.

History

The process was announced in March 2022. Compared to previous cybersecurity for UK government bodies, the main change is the adoption of NCSC's Cyber Assessment Framework. GovAssure expected to help organisations guard against rising Russian attacks, as well as new types of threat actor.

The first two departments to be assessed, under the new scheme, are the Department for Business, Energy and Industrial Strategy and the Home Office, with C3IA assessing a selection of three systems at each.

Processes

  • Government departments, and some other public-sector organisations, will have their cybersecurity reviewed under the GovAssure process;
  • The controls are expected to be stricter than before, using NCSC's Cyber Assessment Framework and its 14 key principles;
  • The new process will be run by the Government Security Group, with advice from NCSC;
  • Independent review, by third parties, is required.

There is also increasing emphasis on post-incident recovery, as part of security strategy.

In parallel, a Government Information Cell has been established, to counter the spread of disinformation.

Further reading

References

  1. https://www.globalsecuritymag.com/Comment-on-Gov-Assure-process-part,20220413,124191
  2. https://www.computerweekly.com/news/365535542/New-GovAssure-cyber-regime-launches-across-UK-government
  3. https://techinformed.com/uk-issues-warning-over-new-russian-linked-cyber-threat/
  4. https://www.civilserviceworld.com/professions/article/govassure-home-office-beis-first-pilots-new-independent-cyber-audits-c3ia
  5. https://www.gov.uk/government/news/government-launches-new-cyber-security-measures-to-tackle-ever-growing-threats--2
  6. https://www.csoonline.com/article/575145/uk-launches-govassure-cybersecurity-scheme-to-protect-government-it-functions.html
  7. https://www.civilserviceworld.com/professions/article/departments-to-undergo-independent-audits-of-cyber-resilience
Categories: