The U.K. National Cyber Security Centre updated its cyber assessment framework to include a focus on critical infrastructure vulnerabilities. It now includes sections on remote access, privileged operations, user access levels and multifactor authentication.