International cyber bodies unify with important security guidance for businesses

The UK has joined international partners in issuing cybersecurity guidance, due to the heightened cyber threat from Russian state-sponsored groups. This follows calls from Government, the CBI, and the NCSC to businesses to bolster their cyber resilience.

But how does this translate to small businesses? This video and article summarises the key facts and actions every business leader should take during this heightened cyber threat.

The advisory has been published jointly by UK, United States, Australia, Canada, New Zealand cyber security agencies to provide consistent guidelines to all businesses, of all sizes, across the multiple countries:

UK

National Cyber Security Centre (NCSC)
National Crime Agency (NCA)

US

Cybersecurity & Infrastructure Security Agency
Federal Bureau of Investigation (FBI)
National Security Agency (NSA)

Australia

Austrian Cyber Security Centre

Canada

Canadian Centre for Cyber Security

New Zealand 

National Cyber Security Centre

Joint Advisory from International Cyber Security Agencies

The advisory sets out several immediate actions that all organisations need to take, to protect their networks and their business against the heightened cyber threat, which include:

• Prioritising the patching of known exploited vulnerabilities

• Enforcing multi-factor authentication

• Monitoring remote desktop connections

• Providing end-user security awareness training.

Here is the original article posted on the US Cybersecurity and Infrastructure Security Agency, containing all technical advice: cisa.gov/uscert/ncas/alerts/aa22-110a

Importance of accelerating cyber resilience plans

Lindy Cameron, the head of the National Cyber Security Centre, said:

In this period of heightened cyber threat, it has never been more important to plan and invest in longer-lasting security measures.

It is vital that all organisations accelerate plans to raise their overall cyber resilience.

It is important that businesses of all sizes implement long-term cybersecurity measures. Without cyber resilience, your business risks being vulnerable to a cyberattack. How long can your business withstand IT being down? Days, weeks, months? Prevention and forward planning can ultimately manage this heightened cyber risk.

high Risk of UK being targeted

Russian-aligned cybercriminal groups, some of which have recently pledged support for the Russian state, have also threatened to conduct malicious operations in retaliation against countries providing aid to Ukraine.

Because the UK is providing aid to Ukraine, the risk of the UK being specifically targeted with a cyberattack is high. This is one of the reasons why there is a heightened security risk in the UK today.

Advice for Organisations from the National Cyber Security Centre (NCSC)

The advisory complements recent advice from the National Cyber Security Centre on actions to take when there is a heightened cyber threat. That recent advice includes:

1. Check your system patching

2. Verify access controls

3. Ensure defences are working

4. Use logging and monitoring

5. Review your backups

6. Update your incident response plan

7. Check your Internet footprint

8. Ensure your staff know how to deal with phishing attempts

9. Review third party access to systems

10. And brief your wider organisation

What should I do next?

We're asking all of our clients to engage with us to review their cyber resilience. Email support@superfast-it.com, or book a time directly with one of our security experts.