We are currently working on a new and improved version of the CyberFundamentals framework and its associated tools. To ensure a smooth transition, there will be a transition period during which both the current and new version will be available.
As soon as the updated tools are finalised, they will be published on this page. We encourage you to begin familiarising yourself with the new materials once they are released.
Please note: after the transition period ends, only the new tools will be accepted. The current versions will no longer be available or valid for self-assessments or verification purposes.
The transition from CyFun® 2023 to CyFun® 2025 marks a significant step forward in aligning the CyberFundamentals Framework with the rapidly evolving cybersecurity landscape. This update was driven by the need to stay aligned with key international standards, such as the NIST Cybersecurity Framework 2.0, and relevant European legislation, including the NIS2 Directive.
CyFun® 2025 incorporates the latest developments in information and cybersecurity, ensuring that organisations are better equipped to face emerging threats. The update also reflects valuable feedback from users of the 2023 version, helping to refine and enhance the framework’s usability and effectiveness.
A notable enhancement is the extended focus on supply chain security, Additionally, the reformulation of controls and guidelines improves both clarity and auditability, making the framework more accessible and actionable.
To further support implementation, CyFun® 2025 offers more comprehensive guidance on how requirements should be interpreted and applied. The introduction of “Governance Measures” strengthens the auditability of the “Essential” Assurance Level, providing organisations with clearer benchmarks for conformity.
Finally, the spreadsheet version of the framework has also been streamlined, now containing only the core requirements. This makes it more manageable and easier to integrate into existing processes..
In this context an evolution to a new edition was necessary. We foresee the launch of the new version during the second half of 2025. The switch will be accompanied by a migration period during which the various organisations can make the transition to this new edition. We will update its existing mappings and publish information and possibly new tools on this website to make that transition as smooth as possible.