ENISA updates framework for assessing national cybersecurity capabilities
ENISA has released NCAF 2.0, an updated framework and online tool to help national authorities assess cybersecurity strategy implementation and maturity.
The EU cybersecurity agency ENISA has released an updated National Cybersecurity Capabilities Assessment Framework, known as NCAF 2.0.
The framework is designed to help national authorities evaluate how far they have progressed in implementing their national cybersecurity strategies. It provides a structured way to identify strengths, gaps, and priority areas for further action.
NCAF 2.0 includes an online tool and can be adapted to different national contexts. It is mainly intended for policymakers, cybersecurity experts, and government officials involved in designing, implementing, or reviewing national cybersecurity strategies.
At EU level, the framework provides a common reference point for comparing approaches, exchanging good practices, and supporting discussions on cybersecurity capacity development.
The updated version also reflects recent EU cybersecurity policy developments, including the NIS2 Directive. It can support Member States preparing for voluntary peer reviews under Article 19 of that Directive.
ENISA presents the framework as part of its wider work to support EU Member States in strengthening national cybersecurity resilience and coordination.
