in Security

NCSC urges organisations to prepare for long haul on Russia-Ukraine

Posted 5 July 2022

Cyber security experts at the National Cyber Security Centre (NCSC) – a part of GCHQ – today urged UK organisations to prepare for an extended period of heightened threat in relation to the Russia-Ukraine conflict as they published new guidance aimed at supporting staff resilience.



Above:
The National Cyber Security Centre (NCSC), Nova South, London.
Image by Simone Flamigni / copyright Shutterstock

The guidance from the National Cyber Security Centre (NCSC) – a part of GCHQ – is the latest in a series of interventions which began in January with advice to help organisations bolster their cyber defences in response to the developing situation in and around Ukraine.

It sets out eight steps for sustaining a strengthened posture when systems, processes and the workforce remain under pressure, focusing on staff welfare as a direct contributor to maintaining an organisation’s resilience.

The NCSC assesses the cyber threat to the UK as a result of the conflict remains heightened and organisations are urged to not let their guard down and to consult the new guidance to prepare for longer-term resilience.

Paul Maddinson, NCSC Director for National Resilience and Strategy, said: “From the start of the conflict in Ukraine, we have been asking organisations to strengthen their cyber defences to help keep the UK secure and many have done so.

“But it’s now clear that we’re in this for the long haul and it’s vital that organisations support their staff through this demanding period of heightened cyber threat.

“We have produced new guidance to help organisations do this, and I would encourage them to follow our advice to help sustain their strengthened cyber posture.”

The guidance is designed to be applicable to any period of sustained heightened cyber threat, including the one arising from events in and around Ukraine. A blog post, published today, sets out how the advice relates to the current geopolitical situation.

It advises that increased workloads for cyber security staff over an extended period can harm wellbeing and lead to lower productivity, with a potential rise in unsafe behaviours or errors.

The recommended actions in the guidance include:

  • Getting the basics right by following our ‘actions to take when the cyber threat is heightened’ guidance
  • Revisiting risk-based decisions taken during the initial phase of heightened threat
  • Empowering cyber staff to make day-to-day decisions about the threat response without requiring additional oversight
  • Ensuring workloads are spread evenly across individuals and teams and that frontline cyber staff can take breaks to recharge
  • Accelerating planned action to harden networks and boost defence capabilities

It also points to other NCSC guidance and resources to help organisations improve their longer-term resilience, including the 10 Steps to Cyber Security collection and Cyber Security Toolkit for Boards .
 

 

 

Other Stories
Advertisement
Latest News

Babcock partners with IAI on MoD SERPENS radar programme

Babcock has signed a Memorandum of Understanding (MoU) with Israel Aerospace Industries’ (IAI) Group and Subsidiary ELTA Systems to provide a deep-find radar solution for the UK Ministry of Defence’s SERPENS programme.

Vice Admiral Sir Chris Gardner KBE appointed CEO of SDA

The Prime Minister has approved the appointment of Vice Admiral Sir Chris Gardner KBE as the new CEO of the Submarine Delivery Agency (SDA).

Bristow to deliver UKSAR2G with Schiebel Camcopter capability

Bristow has been awarded a 10-year contract by the UK Maritime Coastguard Agency (MCA) to deliver the Second-Generation Search and Rescue (UKSAR2G) programme, with the contract including the operational deployment of

Inter-Tec Aero moves European business to Shannon

Inter-Tec Aero Ltd, which offers bespoke aerospace design, certification and analysis solutions to a broad range of aircraft platforms, has relocated its EASA DOA office from Sligo in Ireland to Shannon, as of 1st July this year.

Menzies Aviation secures eight airport contracts in Pakistan

Menzies Aviation today announced more than a dozen significant contract wins in Pakistan since it acquired a 49% shareholding in Royal Airport Services (RAS), an aviation services business based in Pakistan.

Element acquires Singapore Test Services

Element Materials Technology (Element) has acquired testing, inspection, calibration and certification provider, Singapore Test Services (STS), a subsidiary of ST Engineering.

ODU SK0104300422
See us at
Advanced Engin BT2504031122GlobalMilSatCom BT2006101122Future Arm Vehicles Power Systems BTDVD BT2704220922