Skip to main content

It has been over five years since the UK’s National Cyber Security Centre (NCSC) introduced the Cyber Assessment Framework (CAF) in response to the implementation of the Network and Information Systems (NIS) Regulations. Currently in its 4th iteration, version 3.1 of the UK’s National Cyber Security Centre’s Cyber Assessment Framework (CAF) includes several clarifications and updates.

Originally designed for organisations responsible for Critical National Infrastructure designated Operators of Essential Services (OESs) as defined by the NIS Regulations, the CAF has been updated to have broader applicability and is now at the core of the government’s cybersecurity strategy. It is being used by a wider range of public sector organisations.

The CAF collection consists of four high-level objectives that are further broken down into 14 cyber security and resilience principles. It also provides guidance on their application and includes 39 Indicators of Good Practice (IGP). Unlike many generic cybersecurity practices, the CAF collection is suitable for both Information Technology (IT) and Operational Technology (OT) environments, covering various organisations that operate OT systems, ranging from power generation to pharmaceutical production. Learn more about the framework and how Dragos can help you implement it – download this solution brief today.

Discover More Resources Using Keyword Tags
Audit & Compliance compliance compliance and reguations

Discover more resources.

Explore more resources to support you on your ICS cybersecurity journey.

View next solution brief

solution-briefs

Dragos and AWS Solution Brief

View Solution Brief
Right Arrow

View more solution briefs

Right Arrow

See the Dragos Platform in Action

Take the next step to protect your OT environment now with a free demo