General Atomics

Cyber agencies unveil new guidelines to secure edge devices

Cyber security chiefs in the UK and their international allies have issued a new set of guidelines to help manufacturers of edge devices make their products more secure and easier to investigate if a compromise occurs.



Image by Doucefleur / copyright Shutterstock

Published by GCHQ’s National Cyber Security Centre (NCSC) and cyber security agencies in Australia, Canada, New Zealand and the US, the new guidance highlights an increasing number of sophisticated malicious actors targeting vulnerabilities in edge devices.

Edge devices are internet-connected devices that sit at the ‘edge’ of a network, acting as entry points for data between local networks and the wider internet. Examples include routers, smart appliances, IoT devices, sensors and cameras, which can be particularly vulnerable to hackers as they often handle important data and connect directly to external networks.

The new guidelines encourage device manufacturers to include and enable standard logging and forensic features that are robust and secure by default, so that network defenders can more easily detect malicious activity and investigate following an intrusion.

They also set out the minimum standards for forensic visibility to help network defenders in securing organisational networks, both proactively and in response to a compromise.

NCSC Technical Director Ollie Whitehouse said: “In the face of a relentless wave of intrusions involving network devices globally our new guidance sets what we collectively see as the standard required to meet the contemporary threat.
    
“In doing so we are giving manufacturers and their customers the tools to ensure products not only defend against cyber attacks but also provide investigative capabilities require post intrusion.
    
“Alongside our international partners, we are focused on nurturing a tech culture that bakes security and accountability into every device, while enabling manufacturers and their customers to detect and investigate sophisticated intrusions.”

The guidance is part of a coordinated series of complementary publications on edge device security, released today in collaboration with agencies in Australia, New Zealand, Canada and the US, with input from the NCSC.

Earlier this year, the NCSC highlighted an Ivanti advisory about a critical security vulnerability in their remote access product, which enables employees to work from home and acts as an edge device to protect against external threats.

Related

British Airways updates app with seamless booking and travel features
British Airways updates app
British Airways updates app with seamless booking and travel features
British Airways is rolling out a redesigned mobile app with faster booking, live flight notifications, passport scanning, self-service disruption tools and more.
Aerospace

7 Jul 2026

NATS switches on Swanwick solar project to power UK air traffic control centre
NATS Swanwick solar installation
NATS switches on Swanwick solar project to power UK air traffic control centre
NATS is switching on its largest solar power plant as it inducts more than 5,700 panels to power its centre at Swanwick.
Aerospace Member News

7 Jul 2026

Air Arabia launches Gatwick-Sharjah route as airport network grows
The launch of Air Arabia’s new twice-daily service to London Gatwick from Sharjah (SHJ) in the United Arab Emirates
Air Arabia launches Gatwick-Sharjah route as airport network grows
The inaugural flight between the two airports took place on 4 July, a four month delay to the originally slated start date of March 2026 owing to the war in Iran. 
Aerospace

6 Jul 2026

UK joins NATO initiative to explore multinational Airbus A400M airlift fleet
A400M Flare Jettison
UK joins NATO initiative to explore multinational Airbus A400M airlift fleet
The UK joins Belgium, Croatia, France, Poland, Spain and Türkiye in a NATO initiative to explore a shared Airbus A400M fleet for strategic airlift.
Defence Most Read

7 Jul 2026

The Princess Royal joins NATO industry leaders as ADS supports UK-hosted NIAG Plenary
Princess Royal NATO NIAG Plenary in Portsmouth supported by ADS
The Princess Royal joins NATO industry leaders as ADS supports UK-hosted NIAG Plenary
The Princess Royal joined senior NATO defence industry representatives aboard HMS Warrior as ADS supported the UK-hosted NIAG Plenary in Portsmouth.
IISS report warns Russian-linked drones may be surveying British airbases
British Army drones and the defence investment plan
IISS report warns Russian-linked drones may be surveying British airbases
An IISS report has linked drone sightings over British military bases to Russia’s wider unconventional campaign in Europe, but critics say the evidence falls short of proof.
Defence

7 Jul 2026

Airbus UK to build Aeolus-2 weather satellite for Europe’s next forecasting leap
Aeolus 2 by Airbus UK
Airbus UK to build Aeolus-2 weather satellite for Europe’s next forecasting leap
Airbus Defence and Space UK has been authorised to begin building Aeolus-2, a next-generation ESA and EUMETSAT weather satellite designed to deliver global wind measurements for more accurate forecasting, aviation operations and climate monitoring.
Space

6 Jul 2026

BAE Systems’ Endura demos radiation-hardened capability for space missions
BAE Systems’ Endura demos radiation-hardened capability for space missions
BAE Systems has successfully demonstrated the ability of its Endura system-on-chip (Soc) space processor…
Space

29 Jun 2026

BAE Systems to build high-res imagery satellites for Vantor
BAE Systems to build high-res imagery satellites for Vantor
BAE Systems has entered into an agreement to build high-resolution imaging satellite buses for Vantor, a provider of unified spatial intelligence from space to ground.
Space

25 Jun 2026

Police leadership overhaul puts UK security capability under the spotlight
College of Policing image showing officers on the beat
Police leadership overhaul puts UK security capability under the spotlight
A major review of police leadership in England and Wales has warned that future UK security capability will depend on stronger leadership, skills and workforce planning as public safety organisations respond to more complex threats.
Security

7 Jul 2026

Smiths Detection completes transition to CVC Capital Partners
Smiths Detection completes transition to CVC Capital Partners
Smiths Detection completes transition to CVC Capital Partners
Smiths Detection has completed its transition from Smiths Group to CVC Capital Partners (CVC), a private markets investment firm.
Aerospace Security

1 Jul 2026

Serbus acquires Westica
Serbus acquires Westica
Serbus acquires Westica
Provider of secure Critical National Infrastructure (CNI) networking and communication solutions, Serbus, has acquired Westica Communications Limited (Westica), for an undisclosed sum.
Defence Security

30 Jun 2026