Nov 20, 2023

NCSC CAF: Strengthening Cyber Resilience for Critical Infrastructures in the UK

Protecting critical infrastructure is crucial to maintaining global economies and public well-being. Whether it is a highly targeted attack on the Israeli water infrastructure or multiple attack waves hitting 22 critical infrastructure companies in Denmark in a matter of days, such incidents all emphasize how devastating the impact can be.

The Cyber Assessment Framework (CAF or NCSC CAF) is a new government standard designed to safeguard the UK against cyber threats that have the potential to disrupt our critical infrastructure. This valuable framework caters to organizations responsible for vital services and activities in the UK, including Critical National Infrastructure and beyond.

The NCSC CAF offers a systematic and comprehensive approach to assessing how cyber risks to critical infrastructures are managed. The framework is organized into four objectives, comprising a total of 14 security principles. The principles focus on desired outcomes rather than specific methods, making the framework adaptable to organizations of all sizes and sectors.

Objective A: Managing Security Risk

  • A.1 Governance
  • A.2 Risk Management
  • A.3 Asset Management
  • A.4 Supply Chain

Objective B: Protecting Against Cyber Attack

  • B.1 Service Protection Policies and Procedures
  • B.2 Identity and Access Control
  • B.3 Data Security
  • B.4 System Security
  • B.5 Resilient Networks and Systems
  • B.6 Staff Awareness and Training

Objective C: Detecting Cyber Security Events

  • C.1 Security Monitoring
  • C.2 Anomaly Detection

Objective D: Minimizing The Impact of Cyber Security Incidents

  • D.1 Response and Recovery Planning
  • D.2 Improvements

Enhance Your Cyber Defenses With Armis

Armis offers ongoing support in identifying and mitigating attacks across your organization. Our products provide detection and response capabilities, automated alerts, as well as security and policy enforcement. Here’s how Armis aligns with the main objectives of the NCSC CAF.

Objective A: Managing Security Risk

  • Full inventory of all wired and wireless devices connecting to the critical infrastructure.
  • Understand risk with a full device risk analysis, including vulnerability and behavioral analysis
  • Compliance support: documentation and intelligence to comply with NERC-CIP, NIST, NISTIR 8228, and other compliance and regulatory requirements.
  • Understand hidden software and hardware gaps and risks

Objective B: Protecting Against Cyber Attack

  • Segmentation and boundary analysis: actionable analysis to fortify boundaries and eliminate unauthorized connections

Objective C: Detecting Cyber Security Events

Objective D: Minimizing The Impact of Cyber Security Incidents

  • Automated threat responses: alerts of real-time threats and exploits forwarded to your SIEM, SOAR, or xDR solution

The Risk is Real

Recent research from Armis in critical infrastructure environments found that 56% of engineering workstations have at least one unpatched critical Common Vulnerabilities and Exposures (CVE) entry. A further 16% are susceptible to at least one weaponized CVE published more than 18 months ago. As the convergence of OT and IT accelerates, unified management of both environments is essential. While OT teams handle industrial control systems, address OT risks and ensure operational integrity, IT-focused responsibilities have often been neglected. Organizations responsible for critical infrastructures must take proactive measures to prevent network infiltrations by threat actors, and this framework offers a comprehensive approach.

A Solid Framework For Long-Term Resilience

We support and commend the release of the NCSC CAF and will continue to help companies as well as national governments, state and local entities to keep critical infrastructure safe and secure.
