Becrypt OS successfully evaluated through NCSC Cyber Resilience Testing

LONDON, Feb. 3, 2026 /PRNewswire/ -- Becrypt today announced that Becrypt OS has been successfully evaluated through the National Cyber Security Centre's (NCSC) latest product assurance process, Cyber Resilience Testing (CRT). CRT represents NCSC's current approach to product assurance and is founded on Principles Based Assurance, which NCSC describes as being focused on "meaningful security outcomes rather than prescriptive compliance".

CRT places emphasis on how effectively security controls are designed, implemented and governed in practice. It considers both product-specific technical controls and the wider organisational security practices that underpin secure development, maintenance and support, reflecting NCSC's position that "security is a property of both the product and the organisation that develops and maintains it."

Cyber Resilience Testing is conducted by NCSC endorsed Test Laboratories, which work collaboratively with vendors to assess security governance, development lifecycles and product functionality. Structured around a comprehensive set of security claims tailored to reflect product and deployment context, the process results in reports that can support either light-touch assurance or more detailed risk assessment. 

Becrypt's CEO, Dr Bernard Parsons MBE, commented: "Having worked in Information Assurance and Cyber Security for thirty years, I have been involved in quite a range of product assurance schemes, and have had first-hand experience of some of their challenges. Principles Based Assurance does a lot to avoid the tick-box compliance mentality that many schemes unfortunately can encourage, and is better suited to meet the challenges presented by today's technology diversity and pace of change".

CRT is closely aligned with the UK Government's Software Code of Practice and with wider NCSC guidance and principles. NCSC has emphasised that effective assurance should "support informed decision-making and risk management by consumers," rather than acting as a binary indicator of security quality.

Dr Bernard Parsons continued: "For years, buyers of software products have struggled to differentiate between products with relevant security controls that have been well implemented, and those that haven't. In some areas, this level of information asymmetry has led to market failures. NCSC's latest annual report highlights the need for 'Radical Transparency' to address today's opaqueness with cyber that leads to adverse outcomes. The CRT process is designed to support informed risk management, while at the same time coping with technology diversity and change. In today's world of increasing cyber risk, and interdependence across complex supply chains, elevating the effectiveness and importance of product assurance has become critical".

By participating in CRT, Becrypt aims to contribute to a more resilient and informed market, where assurance supports better security outcomes rather than superficial compliance, and where buyers are equipped to make decisions based on credible and relevant evidence.

For more information, please go to www.becrypt.com

Logo: https://mma.prnewswire.com/media/2876015/Becrypt_Logo.jpg