The National Cyber Security Centre (“NCSC”) has issued new guidance, for organisations of all sizes, to try to mitigate the heightened risks of a cyber attack. This guidance has been triggered by the conflict in the Ukraine, and the risk of cyber attacks moving beyond the region.
The free guidance is available at https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber-threat-is-heightened and cover the following headings:
- Check your system patching
- Verify access controls
- Ensure defences are working
- Logging and monitoring
- Review your backups
- Incident plan
- Check your internet footprint
- Phishing response
- Third party access
- NCSC services
- Brief your wider organisation
Dealing with many of these topics is exactly what you need, to fulfil the UK GDPR principle of technical and organisational measures to maintain security, and so I hope that they are already in place.
If they aren’t, or you have been putting off a cyber security review, then now is the time to address them. This also forms a part of our Data Protection Review, so why not contact us to see how we can help, whilst you focus on ‘business as usual’? Either contact us or book a free 20-minute insight call.