The NCSC’s Annual Review has published today, which looks at cyber security developments and threat activity over the last year. In the foreword, it states that cyber now underpins every aspect of everyday life. It is central to our economy and society, offering huge potential for the Government’s number one mission for growth and prosperity. But alongside its huge benefits there are also risks and vulnerabilities, making it more important than ever that we secure our online world. In this special opinion piece, Simon Lawrence, director and co-founder at i-confidential, gives his view.
“This is an important update from the NCSC, which reinforces the scale of the threats we are facing and the need for organisations to prioritise their defences.
It is evident that threats targeting the UK are increasing and that these are more frequently being executed by state-sponsored actors looking to compromise our CNI.
“This is a major worry, especially given that the report calls out weak defences in CNI sectors.
“Today CNI covers a huge array of sectors, it’s no longer just oil, gas, water, health and electricity. It is also banks, cloud providers, services providers, ISPs, technology companies and many others, because without these services, society would be disrupted. As a result, all critical providers must prioritise their defences and ensure they can remain operationally resilient, even in the face of attacks or severe disruptions. This means getting the basic security practices right, but also vetting suppliers and modernising legacy infrastructure, which often plagues these industries.
“The NCSC is also clearly concerned about the low uptake in Cyber Essentials and the fact that organisations are still getting caught out by well-known attack techniques.
The basic version of Cyber Essentials is the absolute minimum security requirements an organisation should adhere to, so low certification numbers are worrying.
If organisations are not meeting these requirements, this begs the question, what are they doing to secure their infrastructure?
“Unfortunately many will still be doing absolutely nothing; leaving their networks completely open to adversaries. If this is the case, no wonder the NCSC is concerned.”
Read the NCSC Annual Review, here
Read more news from i-confidential, here
