Tag Archives: Security Labelling

Cyber Resilience Testing and Facilities: Mapping, Critique, and the Path Forward

Between February and March 2025, I analysed the UK’s Cyber Resilience Testing (CRT) initiative and its associated Cyber Resilience Test Facilities (CRTFs). From that research, I developed three articles: one mapping the global standards landscape, one examining CRT’s practical challenges, and one exploring its role as a trust label. Together, they present CRT as a promising but evolving approach: not yet a standard, but under active NCSC development and consultation, with the potential to reshape product-based assurance if given clarity, support, and ecosystem alignment.

Continue reading →

Trust, Labels, and the Path to Meaningful Security: Rethinking CRT Adoption in the UK

Leave a Reply

This article critically examines the UK’s Cyber Resilience Test (CRT) as a cybersecurity labelling initiative aimed at building consumer trust in connected devices. While affirming CRT’s importance, it highlights the need for clearer value propositions, stakeholder alignment, and behavioural insights to ensure meaningful adoption. Drawing on global examples like Singapore’s CLS and the EU’s CE mark, it argues that CRT must evolve from a technical standard to a culturally embedded trust signal. The piece advocates for a dynamic playbook that supports SMEs, educates consumers, aligns with procurement policy, and adapts over time — turning CRT into a living, ecosystem-wide standard.

Continue reading →

Horkan

a blog by Wayne Horkan

Tag Archives: Security Labelling

Cyber Resilience Testing and Facilities: Mapping, Critique, and the Path Forward

Trust, Labels, and the Path to Meaningful Security: Rethinking CRT Adoption in the UK