Tag Archives: cybersecurity standards

Cyber Resilience Testing and Facilities: Mapping, Critique, and the Path Forward

Between February and March 2025, I analysed the UK’s Cyber Resilience Testing (CRT) initiative and its associated Cyber Resilience Test Facilities (CRTFs). From that research, I developed three articles: one mapping the global standards landscape, one examining CRT’s practical challenges, and one exploring its role as a trust label. Together, they present CRT as a promising but evolving approach: not yet a standard, but under active NCSC development and consultation, with the potential to reshape product-based assurance if given clarity, support, and ecosystem alignment.


The Future of Cyber Resilience Testing: Reflections on a Scheme in Transition

This blog article offers a critical yet constructive reflection on the UK’s Cyber Resilience Testing (CRT) initiative. While CRT is conceptually sound and timely, significant questions remain around cost, demand, usability, policy intent, and delivery responsibility. The article explores whether CRT is positioned to become a meaningful standard or risks being sidelined as another voluntary layer. It advocates for clearer articulation of purpose, audience targeting, and strategic alignment to unlock CRT’s full potential.
