The Department for Levelling Up, Housing and Communities is supporting councils in England to assess and improve their cyber posture, in line with the ambitions set out in the Government Cyber Security Strategy 2022-2030.
DLUHC are currently exploring how the Cyber Assessment Framework devised by the National Cyber Security Centre (NCSC) could be used across the sector in England to provide a clear baseline standard when it comes to cyber security.
The Local Government Association held a roundtable with senior IT leaders from the sector to discuss how a Local Government Cyber Assessment Framework (LG CAF) would be supportive to the sector. The group identified seven critical success factors that would need to underpin the LG CAF:
- The LG CAF ensures councils can access necessary UK public sector systems, and supports data sharing, through one, single, clear regime, reducing the workload for local government while achieving the same tangible benefits.
- The LG CAF tailors the NCSC CAF to the local government context with achievable, feasible, and testable indicators of good practice for the sector.
- The LG CAF provides concise, comprehensive, and targeted guidance and support to local government, enabling the adoption and development of best practice.
- The LG CAF provides a shared understanding of sector-wide risks, vulnerability, and practices, empowering sector-led improvement.
- The LG CAF includes self-assurance (trust) and external verification (test) elements to deliver a strong foundation for information sharing.
- The LG CAF provides councils with an agreed minimum required standard (‘baseline’) that must be assured and tested at a specified frequency.
- Successful completion of the LG CAF is an organisational responsibility signed off by a council’s Chief Executive.