The following news story is the result of a report presented by the NCSC:
Advice on managing enterprise security published after major cyber campaign detected
- Third parties who manage large organisations’ IT services attacked
- NCSC leading investigation in partnership with Cyber Incident Response partners
- Advice urges enterprise security teams to discuss risk with Managed Service Providers
TARGETED expert advice aimed at Managed Service Providers and their customers has been published after a global cyber attack was uncovered by a multi-organisation collaboration led by the National Cyber Security Centre (NCSC).
The attacks are against global Managed Service Providers (MSPs), which are third parties who help to manage large organisations’ IT infrastructure and services. MSPs are particularly attractive to attackers because they have privileged access to other organisations’ systems and data.
Because the incident mainly affects larger organisations, the NCSC believes direct financial theft from individuals is unlikely.
The attacks provide a reminder about the importance of organisations choosing and monitoring their outsourcing partners carefully, so the NCSC has posted a range of advice on its website about what should be done to mitigate the risks.
Ciaran Martin, CEO of the government’s National Cyber Security Centre, said:
“This scale of hostile activity is significant and our intervention is aimed at giving the UK the ability to tackle this threat head-on by giving organisations the tools and information they need.
“We always encourage enterprises to discuss this threat with their MSP, even if they have no reason to believe they have been affected. This incident should remind organisations that entire supply chains need to be managed and they cannot outsource their risk.
“The response to this attack is an example of the new NCSC at work with our partners. It would not have been possible to uncover the scale and significance of this incident as quickly without our close partners in the Cyber Incident Response (CIR) initiative, including PWC and BAE Systems.”
The guidance reflects the technical advice and mitigation measures offered to U.K. industry and government departments on the Cyber-security Information Sharing Partnership (CISP) platform.
Organisations that outsource IT infrastructure are recommended to have an open dialogue with their provider and to understand what model the provider uses to manage their services. If that model is unsatisfactory, the organisation should demand that the provider change it immediately.
The NCSC recommends that MSPs who are unwilling to work closely with customers or are unwilling to share information should be treated with extreme caution. It also advises that having an independent audit of your MSP is critical for security management – an organisation that neglects such monitoring is unlikely to ever be able to effectively manage the risk.
The NCSC, which is part of GCHQ, is the UK’s technical authority on cyber security. The NCSC was opened by HM The Queen in February 2017 and provides a single, central body for cyber security at a national level. It manages national cyber security incidents, carries out real-time threat analysis and provides tailored sectoral advice.
The UK government is fully committed to defending against cyber threats and addressing the cyber skills gap to develop and grow talent. A five-year National Cyber Security Strategy (NCSS) was announced in November 2016, supported by £1.9 billion of transformational investment.
Finding Reliable, Trusted & Assured Experts Through NCSC Seal Of Approval
The NCSC, set up in October 2016, is part of GCHQ and amalgamates government agencies dealing with cyber security. The NCSC was set up to help protect our critical services from cyber attacks, manage major incidents and improve the underlying security of the UK Internet through technological improvement and advice to citizens and organisations. Its vision is to help make the UK the safest place to live and do business online. NCSC certification serves as a seal of trust, assurance and reliability for procuring services.
Certified Cyber Consultancies will have demonstrated to NCSC that they have:
- a proven track record of delivering defined cyber security consultancy services
- a level of cyber security expertise supported by professional requirements defined by NCSC
- the relevant Certified Professional (CCP) qualifications
And that they:
- Manage consultancy engagements in accordance with industry good practice
- Meet NCSC requirements for certified professional cyber services companies
Certified Cyber Security Consultancies commit to:
- Complying with a code of conduct (see Section III of the Professional Cyber Services Application form)
- Maintaining their cyber security expertise
SECURESTORM: PROVIDING CERTIFIED EXPERTISE
Securestorm, as an NCSC-certified Cyber Security Consultancy, is 1 of 3 companies that specialize in IA Audit and Review. Securestorm can undertake the Independent Security Assurance Reviews and IA Audits of Managed Service Providers as advised by the NCSC in light of this new attack. Additionally, Securestorm is certified to carry out Risk Assessment & Risk Management, with experience across Central Government, Digital Services for Government and the Wider Public Sector.