This morning, the National Cyber Security Centre (NCSC) published its two-year review, detailing findings from its second year of operations. The report found that there is “little doubt” that a major cyber attack will happen in the near future and whilst the NCSC has cut the UK’s share of phishing attacks targeting the UK in half from 5.3% to 2.4%, most worryingly, it has also had to prevent multiple attacks from hostile nation states. IT security experts commented below.
Fraser Kyne, EMEA CTO at Bromium:
“This report should raise the alarm for any organisation unprepared for attacks from hostile nation states. Whether it’s a sophisticated zero day attack, or a simplistic phishing attempt, organisations must ensure they are ready to proactively prevent nation states from disrupting operations. However, current systems are woefully ill-equipped to deal with common attack vectors like email or downloads, so a determined hacker with the resources of a nation state behind them can easily bypass cyber-defences.
“Currently, enterprises are relying on threat detection tools to estimate where lightning is going to strike, so they can attempt to intercept hackers before they cause disruption. However, all too often these tools throw up a deluge of alerts that only allow operations teams to react and mitigate once a breach has taken place. It’s time for a change in mindset that focuses on protection first, containing threats before they can do any damage. Detection alone cannot protect organisations from advanced threats. Instead, organisations need to adopt layered cybersecurity defences that allow them to proactively defend against common attack vectors in real-time, instead of reacting after the fact.”
Bill Evans, senior director at One Identity:
“The figures within the NCSC’s report, to my mind, are surprisingly low. This might be due to the limited types of breaches or attempted breaches investigated by the NCSC. In terms of the eventuality of a Category 1 cyberattack, it’s nearly impossible to measure readiness for cyber threats. However, there have been more than 1,000 investigated breaches in the past several years – very few of which have been successful. This suggests that the UK is doing a fine job at averting disaster. As threat actors are continually evolving their strategies for cyberwarfare, the UK needs to continue updating its defences on a daily basis and avoid complacency.
Provided those charged with cybersecurity remain focused on their mission during the upheaval that has and will ensue as a result of Brexit, the UK should remain at least as safe as it is today. The biggest potential threat to our cyber defences is if a parliamentarian, who may not be well-versed in cyber security, decides to enact a law that prevents our security professionals from effectively defending our cyber borders.
In order for organisations to play their part in effort to reduce the threat of cyberattack, all enterprises should focus on the “big four” of cyber defences: using multi-factor authentication, implementing a strong privileged access management programme, governance and end user education.”
Javvad Malik, Security Advocate at AlienVault:
“The comments by NCSC are very interesting and deserve close attention. With the spread of IoT into so many aspects of daily life and critical infrastructure, a cyber attack can have far greater impact and consequences. Companies of all sizes should be wary of cyber attacks and have in place appropriate and adequate security controls to help detect threats so that this information can be shared to better protect everyone.”