This morning, the UK’s National Centre for Cyber Security (NCSC) has issued a report on the first results of some of their key cybersecurity initiatives. IT security expert Bob Rudis, Chief Data Scientist at Rapid7 commented below.
Bob Rudis, Chief Data Scientist at Rapid7:
“The design and labour behind the National Cyber Security Centre’s Active Cyber Defence initiatives — along with the inaugural published results — are nothing short of incredible. The NCSC hasproved that with collaboration and appropriate support, it is possible to implement foundational cybersecurity monitoring, configuration, and reporting that fundamentally changes the economics for opportunistic/commodity attackers.
Each initiative covered in the report shows signs of real, measurable, positive impact, and at the same time, NCSC is providing clear, concise and effective tooling and reporting for defenders and business process owners. We, as an industry, now have at-scale, baseline data that proves basic elements of cybersecurity — such as how DNS, email, web servers, SSL certificates and routing protocols are configured/tracked — can fundamentally change the behaviour of attackers and force them to move to more insecure targets.
This “active defence” experiment by the NCSC — if adopted by other countries and even other large organizations — could radically change the attacker/defender landscape. The immediate impact is clear: UK citizens are measurably, significantly safer than they were before the ACD initiatives were rolled out and cybersecurity analysts across the globe have a rich data set to better model threats, vulnerabilities and overall risks to the organisations they serve.
Other countries should adopt the methods and services outlined in the report immediately to provide equal protections for their citizens and all participating countries should work together to share outcome data to aid in the development of even more robust active defence services.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.