Actions to Take When the Cyber Threat is Heightened In this issue, Stuart curates guidance from the National Cyber Security Centre to help BSA Today readers improve their information security practices and reduce the cyber threat for all health and social care organisations.
I
n response to Russia’s invasion of Ukraine, the National Cyber Security Centre (NCSC) has called on UK organisations to strengthen their online defences.
“While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient,” explains Paul Chichester, the NCSC’s Director of Operations, in a statement published alongside the latest guidance.[1] With this in mind, we’re strongly encouraging health and social care organisations to reduce their risk of becoming victims of an attack. The following guidance from the NCSC explains in what circumstances the cyber threat might change and outlines the steps that organisations can take in response to a heightened cyber threat. If you’re curious about what any of the technical terms in this article mean or you want to know what your data security team are talking about, turn to the Glossary on page 26. Balancing Cyber Risk and Defence
The threat an organisation faces may vary over time. At any point, there is a need to strike a balance between the current threat, the measures needed to defend against it, the implications and cost of those defences and the overall risk this presents to the organisation. There may be times when the cyber threat to an organisation is greater than usual. Moving to heightened alert can: • Help prioritise necessary cyber security work. • Offer a temporary boost to defences. • Give organisations the best chance of preventing a cyber attack when it may be more likely, and recovering quickly if it happens.
Continued on Page 22
www.bluestreamacademy.com
21
