Prepare for an extended period of heightened cyber threat

The National Cyber Security Centre (NCSC) has urged UK organisations to prepare for an extended period of heightened threat in relation to the Russia-Ukraine war.

There may be periods when the cyber threat is heightened for an extended period, for example, as a result of geopolitical tensions. During these periods, organisations will experience:

  • An initial acute phase (when they are required to strengthen their defences and address vulnerabilities), followed by:
  • A protracted phase (when a strengthened cyber posture should be maintained to manage the residual risk from the increase in threat).

Over time, the cyber threat may come down again, but it is unlikely to return to the previous baseline. Organisations might maintain aspects of their strengthened posture for the long term, in response to a changed threat landscape. The NCSC will continue to issue guidance to help organisations assess the level of the cyber threat.

Their new guidance sets out eight steps to help you to maintain a strong posture when under pressure. The guidance has a particular focus on how staff welfare can be a direct contributor to maintaining an organisation’s resilience.

See: Maintaining a sustainable strengthened cyber security posture – NCSC.GOV.UK