Resources

NCSC Issues Warning Following Invasion Of Ukraine

Written by Robert Hall | Mar 1, 2022 3:48:45 PM

The UK government issued this stark warning, “NCSC [National Cyber Security Centre – part of GCHQ] advises organisations to act following Russia’s further violation of Ukraine’s territorial integrity”.

The first point follows on from a recent article published here. Your cyber insurance may very well not be valid if the attack falls foul of the warfare clause. In short, do not rely upon your safety net being there to catch you if everything else fails. 

The NCSC says that “the cyber threat is heightened”. This obviously will mean different things to different organisations but there are a few basics that you really should observe:

1. Do you have a business continuity plan? Try to work out a “what happens if this occurs” document so that you have something to fall back upon in the event of most incidents. It is handy to decide which role, and therefore individual, will do what in your plan.

2. How safe is you IT infrastructure? As a minimum, you need to have Cyber Essentials certification, and preferably Cyber Essentials plus. To attain these levels of certification, you will have to put lots of safety processes and practices in place, which makes you a lot less vulnerable.

3. Are you aware that almost all cyber attacks start out with a user making a mistake? Do you provide ongoing security training to your staff? If you do not, then how can you expect them to know what they are doing when faced with a threat generated by a professional cybercriminal? It is as naïve to assume that your members of staff will have the “common sense” to just spot such things, as it is to assume that you would not need legal representation in court because you think that you can explain it all yourself just fine. We are no longer talking about the Nigerian Royal family needing to smuggle millions of dollars out of their country via your personal account at Barclays; things have evolved rather dangerously.

This is a lot of information to take in. This is why you will need the help of someone working in this field. Contact Brigantia to be put in touch with your local Brigantia Partner who will be able to advise you on getting your cyber security in line with government recommendations.