A group of councils are to run a pilot project on the use of a cyber assessment framework (CAF) for local government.
The project is being run by the Local Digital team in the Department for Levelling Up, Housing and Communities, will use framework based on the National Cyber Security Centre’s CAF, and is scheduled to take place over the autumn.
It will involve testing a local government profile through an assessment of the councils’ networks with reference to the 39 CAF outcomes and supporting indicators of good practice.
The results will be reviewed through one-to-one workshops with a DLUHC cyber assessor, with questions whether one profile will be appropriate for all councils in England, what guidance they will need and what barriers emerge during an assessment.
Understanding the appropriate
Highlighting the plan in a blogpost, Local Digital said: “In line with the aims of the Government Cyber Security Strategy, and what we’ve learned from our previous projects, we want to understand what an appropriate CAF profile for local government looks like and how councils could use this to assess and improve their cyber resilience.”
It added: “Once the pilot ends, we plan to continue the roll out of the CAF with councils across England. We’ll continue to iterate and develop the framework and supporting guidance, and explore what reporting and assurance models for local government could look like.”
Cyber security emerged as a strong factor when the Local Digital team identified five core objectives for its work with local authorities earlier in the year. It emphasised the importance of assessing and managing cyber risks, and reducing the disruption caused by attacks.
It has so far indicated that a “small cohort” of councils will take part, declining to provide further details at the moment.