UK Ministry of Housing, Communities and Local Government (MHCLG)
Laying the foundations for better local public services
The MHCLG Local Digital team is working to reduce the incidence and impact of cyber attacks, and support sustainable cyber risk management. This is part of our commitment to the continuous improvement of cyber security practice.
On this page you can read about our current cyber programmes as well as past work.
The MHCLG Local Digital team is supporting councils in England to build their cyber resilience and meet the aims and objectives of the Government Cyber Security Strategy.
Local Digital has launched the Cyber Assessment Framework (CAF) for local government to set a clear cyber security standard for the sector.
Working with councils and cyber security experts, we have adapted the National Cyber Security Centre’s CAF, to help you assess and improve your council’s cyber resilience and address vulnerabilities that could disrupt critical services.
Learn more about what this means for councils and how to begin the CAF
Since 2020, the Cyber Support programme has provided £19.9 million in funding to support local authorities to address serious cyber security vulnerabilities.
The support the councils received included:
While the cyber support programme is coming to an end, we’ll continue to work through the remediation plans with the councils that are already enrolled and focus on how we can support all councils through the Cyber Assessment Framework.
The cyber threat to the local government sector is very real, present, and continuing to evolve. In response to this, we are accelerating plans to support the sector to ‘Defend as One’ – harnessing the value of sharing cyber security data, expertise and capabilities across the sector. We will share more on our plans in due course.
In May 2020, we completed a pre-discovery and then a discovery to investigate how MHCLG might support local authorities to reduce the incidence and impact of cyber attacks, and support sustainable cyber health.
A cyber health framework was identified as one of the main areas of opportunity to progress into an alpha project, to support council staff to navigate numerous and sometimes overlapping standards. Read about the key findings and recommendations from the discovery.
We completed two alpha projects to support local authorities to reduce the incidence and impact of cyber attacks, and support sustainable cyber health:
In the Autumn 2021 Budget, Local Digital was awarded £37.8 million of additional funding to tackle cyber security challenges facing councils and invest in local authority cyber resilience, protecting vital services and data.
The introduction of the Government Cyber Security Strategy in 2022 changed the team’s direction towards the NCSC’s Cyber Assessment Framework (CAF).
In 2022 we conducted a pilot with 10 councils in England to explore how the NCSC’s Cyber Assessment Framework (CAF) could be used to help assess and manage cyber risks across the sector. You can read more about the pilot in the CAF for local government pilot report.
From May 2023 to February 2024 we carried out further testing of the CAF through the Future Councils pilot. This included testing documentation, guidance and templates to guide councils through a CAF assessment.
In February we kicked off an alpha project to develop the CAF service and conduct further testing with a cohort of 20 councils. Updates on the project will be shared on the CAF for local government webpage.
In October we launched the early stages of the CAF for local government on the new UK Government Security website.
Subscribe to the Local Digital newsletter for regular updates on our cyber work, plus news and events relevant to those working in and around local government cyber security.
