Building Cyber Resilience

NCSC Cyber Assessment Framework: Focus on Cyber Resilience

The UK National Cyber Security Centre’s Cyber Assessment Framework (CAF) 4.0 introduces important updates designed to address an increasingly complex and adversarial threat landscape. Release in August 2025, the revised framework places stronger emphasis on threat-informed resilience, proactive cyber security, understanding AI risks and advanced attacker methods.

Rather than focusing solely on the presence of security measures, CAF 4.0 promotes an outcome-based approach to cyber resilience. Organizations are expected to demonstrate that their controls are informed by current threat intelligence, regularly tested against realistic scenarios, and aligned with business-critical functions. This shift reflects growing regulatory expectations and the operational realities faced by operators of essential services.

This paper examines the key principles introduced in CAF 4.0 and explores how organizations can translate them into practical, measurable actions. It highlights the strengthened link between threat intelligence, security posture validation, and risk-informed decision-making. In addition, it outlines how an integrated threat-informed approach can support organizations in demonstrating resilience and aligning with the framework’s requirements.

Finally, the paper illustrates how Filigran’s Extended Threat Management (XTM) platform supports the operationalization of CAF 4.0 by connecting intelligence, validation, and governance into a unified cyber resilience strategy.