National Cyber Security Centre’s Russian conflict advice

The UK’s National Cyber Security Centre’s experts have urged organisations to prepare for an extended period of heightened threat in relation to the Russia-Ukraine conflict.

The new guidance aimed at supporting staff resilience is published by the NCSC – a part of GCHQ – is the latest intervention to help bodies bolster their cyber defences.

The advice outlines eight steps for sustaining a strengthened posture when systems, processes and the workforce remain under pressure, focusing on staff welfare as a direct contributor to maintaining an organisation’s resilience.

The NCSC assesses the cyber threat to the UK as a result of the conflict remains “heightened” and organisations are urged to not let their guard down and to consult the new guidance to prepare for longer-term resilience.

Paul Maddinson, NCSC Director for National Resilience and Strategy, said: “From the start of the conflict in Ukraine, we have been asking organisations to strengthen their cyber defences to help keep the UK secure, and many have done so.

“But it’s now clear that we’re in this for the long haul and it’s vital that organisations support their staff through this demanding period of heightened cyber threat.

“We have produced new guidance to help organisations do this, and I would encourage them to follow our advice to help sustain their strengthened cyber posture.”

The guidance is designed to be applicable to any period of sustained heightened cyber threat, including the one arising from events in and around Ukraine.

A blog post,sets out how the advice relates to the current geopolitical situation.

It advises that increased workloads for cyber security staff over an extended period can harm wellbeing and lead to lower productivity, with a potential rise in unsafe behaviours or errors.

The recommended actions in the guidance include:

• Getting the basics right by following our ‘actions to take when the cyber threat is heightened’ guidance;
• Revisiting risk-based decisions taken during the initial phase of heightened threat;
• Empowering cyber staff to make day-to-day decisions about the threat response without requiring additional oversight;
• Ensuring workloads are spread evenly across individuals and teams and that frontline cyber staff can take breaks to recharge;
• Accelerating planned action to harden networks and boost defence capabilities

It also points to other NCSC www.ncsc.gov.uk guidance and resources to help organisations improve their longer-term resilience, including the 10 Steps to Cyber Security collection and Cyber Security Toolkit for Boards.