Cyber security experts have urged UK organisations to prepare for an extended period of heightened threat in relation to the Russia-Ukraine conflict as they published new guidance aimed at supporting staff resilience.
The guidance from the National Cyber Security Centre (NCSC) – a part of GCHQ – is the latest in a series of interventions which began in January with advice to help organisations bolster their cyber defences in response to the developing situation in and around Ukraine.
It sets out eight steps for sustaining a strengthened posture when systems, processes and the workforce remain under pressure, focusing on staff welfare as a direct contributor to maintaining an organisation’s resilience.
The NCSC assesses that the cyber threat to the UK as a result of the conflict remains heightened, and organisations are urged not to let their guard down and to consult the new guidance to prepare for longer-term resilience.
Paul Maddinson, NCSC Director for National Resilience and Strategy, said: “From the start of the conflict in Ukraine, we have been asking organisations to strengthen their cyber defences to help keep the UK secure, and many have done so.
“But it’s now clear that we’re in this for the long haul and it’s vital that organisations support their staff through this demanding period of heightened cyber threat.
“We have produced new guidance to help organisations do this, and I would encourage them to follow our advice to help sustain their strengthened cyber posture.”
The guidance is designed to be applicable to any period of sustained heightened cyber threat, including the one arising from events in and around Ukraine. A blog post, published today, sets out how the advice relates to the current geopolitical situation.
It advises that increased workloads for cyber security staff over an extended period can harm wellbeing and lead to lower productivity, with a potential rise in unsafe behaviours or errors.
The recommended actions in the guidance include:
- Getting the basics right by following our ‘actions to take when the cyber threat is heightened’ guidance;
- Revisiting risk-based decisions taken during the initial phase of heightened threat;
- Empowering cyber staff to make day-to-day decisions about the threat response without requiring additional oversight;
- Ensuring workloads are spread evenly across individuals and teams and that frontline cyber staff can take breaks to recharge;
- And accelerating planned action to harden networks and boost defence capabilities.
It also points to other NCSC guidance and resources to help organisations improve their longer-term resilience, including the 10 Steps to Cyber Security collection and Cyber Security Toolkit for Boards.