The UK has joined international partners in issuing cybersecurity guidance, due to the heightened cyber threat from Russian state-sponsored groups. This follows calls from Government, the CBI, and the NCSC to businesses to bolster their cyber resilience.
But how does this translate to small businesses? This video and article summarises the key facts and actions every business leader should take during this heightened cyber threat.
|
The advisory has been published jointly by UK, United States, Australia, Canada, New Zealand cyber security agencies to provide consistent guidelines to all businesses, of all sizes, across the multiple countries:
National Cyber Security Centre (NCSC)
National Crime Agency (NCA)
Cybersecurity & Infrastructure Security Agency
Federal Bureau of Investigation (FBI)
National Security Agency (NSA)
Austrian Cyber Security Centre
Canadian Centre for Cyber Security
National Cyber Security Centre
The advisory sets out several immediate actions that all organisations need to take, to protect their networks and their business against the heightened cyber threat, which include:
Prioritising the patching of known exploited vulnerabilities
Enforcing multi-factor authentication
Monitoring remote desktop connections
Providing end-user security awareness training.
Here is the original article posted on the US Cybersecurity and Infrastructure Security Agency, containing all technical advice: cisa.gov/uscert/ncas/alerts/aa22-110a
Lindy Cameron, the head of the National Cyber Security Centre, said:
In this period of heightened cyber threat, it has never been more important to plan and invest in longer-lasting security measures.
It is vital that all organisations accelerate plans to raise their overall cyber resilience.
It is important that businesses of all sizes implement long-term cybersecurity measures. Without cyber resilience, your business risks being vulnerable to a cyberattack. How long can your business withstand IT being down? Days, weeks, months? Prevention and forward planning can ultimately manage this heightened cyber risk.
Russian-aligned cybercriminal groups, some of which have recently pledged support for the Russian state, have also threatened to conduct malicious operations in retaliation against countries providing aid to Ukraine.
Because the UK is providing aid to Ukraine, the risk of the UK being specifically targeted with a cyberattack is high. This is one of the reasons why there is a heightened security risk in the UK today.
The advisory complements recent advice from the National Cyber Security Centre on actions to take when there is a heightened cyber threat. That recent advice includes:
Check your system patching
Verify access controls
Ensure defences are working
Use logging and monitoring
Review your backups
Update your incident response plan
Check your Internet footprint
Ensure your staff know how to deal with phishing attempts
Review third party access to systems
And brief your wider organisation
We're asking all of our clients to engage with us to review their cyber resilience. Email support@superfast-it.com, or book a time directly with one of our security experts.
|