Cyber Security Response Readiness: Balancing Risk When Cyber Threat is Heightened

Due to ongoing hostilities in the world, UK public sector and commercial organisations are being warned about the risk of heightened cyber-attacks. There is a compelling reason to allocate year-end spending or surplus budgets to cyber-risk reduction and improved operational resilience against cyber-attacks. Ideally, this should be planned, with the highest risk areas being given priority for spending and allocated funding as part of a cyber security improvement plan, but this is often not the case.

MTI has put together some crucial areas of focus, where surplus budget and underspend on other projects can be used to make a real difference to cyber-risk reduction. There may be times when the cyber threat to an organisation is greater than usual.

Moving to heightened alert status can:
• Help prioritise necessary cyber security work
• Offer a temporary boost to defences
• Give organisations the best chance of preventing a cyber-attack when it may be more likely, and recovering quickly if it happens

Recent events mean that organisations of all sizes, but especially high profile public sector or national infrastructure organisations, must take steps to ensure they can respond to any cyber-attacks.

The focus should be on reducing your vulnerability to attack in the first place and reducing the impact of a successful attack. Even the most sophisticated and determined attacker will use known vulnerabilities, misconfigurations or credential attacks (such as password spraying, attempting use of breached passwords or authentication token reuse) if they can. Removing their ability to use these techniques can reduce the cyber risk to your organisation.

Recommended actions to take

The most important thing for organisations is to make sure that the fundamentals of cyber security are in place to protect their devices, networks and systems. The actions below are about ensuring that basic cyber hygiene controls are in place and functioning correctly.
This is important under all circumstances but critical during periods of heightened cyber threat.

An organisation is unlikely to be able to make widespread system changes quickly in response to a change in threat level, but organisations should make every effort to implement these actions as a priority.

• Check your system patching
• Verify access controls
• Ensure defences are working
• Logging and monitoring
• Review your backups and recovery plan
• Incident plan
• Check your internet footprint
• Phishing response
• Third-party access

MTI believe there is a compelling reason to allocate year-end spending or surplus budgets to cyber-risk reduction and improved operational resilience against cyber-attacks with the services we highlight here.

Get in touch to find out what immediate action our specialist cybers security consultants can help with.

Contact Us