Two North East tech firms, Hicomply and Waterstons, are combining their expertise to help businesses align with a government-backed framework to strengthen their cybersecurity and access new opportunities.

The Cyber Assessment Framework (CAF) was developed by the National Cyber Security Centre (NCSC) to assess and improve cyber security and help combat substantial risks from increasing and sophisticated cyber-attacks.

CAF has been in place for a number of years, but 2024 saw a pivotal shift as early adopters across key sectors began their journey to align with CAF, including the NHS. Further adoption with compliance timelines will kick in this year for Government bodies and regulated sectors such as healthcare.

Whilst the framework is particularly relevant for organisations covered by the Network and Information Systems (NIS) Regulations, it is becoming increasingly important for those working across supply chains within critical national infrastructure, as well as regulated industries such as healthcare and finance. It is also essential for those seeking to win tenders and opportunities with organisations and sectors that will be bound by CAF regulation.

With cyber threats on the rise, businesses of all sizes and sectors are under increasing pressure to protect their systems, data, and customers. The CAF provides a more advanced approach to measuring how well organisations manage cyber risks – built upon four objectives: managing security risk, protecting against cyber-attacks, detecting cyber security events, and minimising the impact of incidents.

Hicomply, a UK leader in information security management software, is partnering with Waterstons to help businesses to navigate the complexities of the CAF and to build on the foundations they may already have from other certifications such as ISO 27001.

Ed Bartlett, CEO at Hicomply, said: “Cybersecurity is no longer just an IT issue – it’s essential for businesses to not only reduce risk and protect their business, but to access opportunities. Our goal is to simplify every process and every step to support teams to quickly meet framework standards and to build on all the great work they’ve already done. Even if businesses haven’t started the journey, it doesn’t need to feel daunting. Our goal is to help every organisation to see cybersecurity not just as a regulatory challenge but as a competitive advantage.

“We’re excited to work with businesses like Waterstons, to put our platform and solutions alongside their consultancy services to give businesses the tools and expertise they need to strengthen their cyber resilience.”

Waterstons, an NCSC-assured cyber, digital and technology consultancy and one of only a handful of organisations on the newly created Cyber Resilience Audit scheme, sees this partnership as a major step in strengthening cyber resilience.

Stewart Hogg, Associate Director for cyber security at Waterstons, said: “Cyber threats are constantly evolving, and businesses need to be proactive in their approach. The CAF is a crucial framework to help organisations build strong cybersecurity strategies, but we know meeting its requirements can feel complex. We’re already working with early adopter sectors and with the planned updates to CAF and compliance timelines on the horizon, businesses need start to consider their compliance journey sooner rather than later. Hicomply’s platform will help businesses to navigate the practicalities of the framework with ease and so we’re really excited to be collaborating across clients."

Ed adds: “Strong security measures can help organisations build trust, secure contracts with larger enterprises, and confidently meet regulatory requirements. We want to ensure the business community in the North East is able to take advantage of that. We want to give organisations the tools and expertise needed to not only protect their operations, but also position themselves as trusted, secure partners.”