At the last Food Chain Emergency Liaison (FCELG) meeting we were joined by representatives from the National Cyber Security Centre (NCSC) who gave an informative update on the resources available to businesses.
Please see below a summary of those resources with all the links you should need. Feel free to pass this information on within your business and wider networks.
NCSC Subscription Centre – NCSC marketing emails:
Threat Reports and Advisories –The NCSC’s response, reports and advisories on cyber security matters affecting the UK.
The Weekly Threat Report – The NCSC’s weekly threat report is drawn from recent open source reporting.
NCSC Digital Lofts – Online seminars on cyber security topics, aimed at small- and medium-sized organisations.
NCSC Small Organisations Newsletter – The NCSC’s monthly cyber security newsletter for small organisations, including micro-enterprises, start-ups and the self-employed.
NCSC Cyber UK – CYBERUK is the UK government’s flagship cyber security event, held annually.
Cyber Security Pathway
A route the NCSC would suggest an organisation or individual takes through our products/guidance. The route outlined below, is starting at the most basic messaging.
- Cyber Aware – Cyber Aware is the government’s advice on how to stay secure online. It outlines six actions to take to improve your cyber security and offers a tailored plan for you or your business.
- NCSC Newsletter – sign up link and description as mentioned above.
- Small Business Guide – Explains how to improve your cyber security; affordable, actionable advice for organisations.
- Top Tips for Staff & Cyber Security for Small Organisations E-learning – Cyber Security for Small Organisations and Top Tips for Staff are both designed to be integrated into your organisation’s training platform.
- Exercise in a Box – A free online tool which helps organisations find out how resilient they are to cyber-attacks and practise their response in a safe environment. Exercises include from 15-minute micro exercises, 1-3 hour discussion based exercises and a 3-4 hour simulation exercise.
- Response & Recovery Guide -Guidance that helps organisations prepare their response to and plan their recovery from a cyber incident.
- Ten Steps to Cyber Security – Take things a little further: breaks down the task of defending networks into ten essential components. – 10 Steps to Cyber Security – NCSC.GOV.UK
- COVID -19 Guidance – This guidance includes home working, video conferencing and moving your organisation from physical to digital
- Early Warning – Is available to any UK organisation with a static IP address or domain name. Early Warning helps organisations investigate cyber-attacks on their network by notifying them of malicious activity that has been detected in information feeds.
- Logging Made Easy – Is available to any UK Organisation. LME helps organisations to install a basic logging capability on their IT estate enabling routine end-to-end monitoring of Windows systems.
- Supply Chain Security – The guidance will provide organisations with an improved awareness of supply chain security, as well as helping to raise the baseline level of competence in this regard, through the continued adoption of good practice.
- Cyber Essentials – Cyber Essentials government backed certification scheme helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security. As mentioned, a lot of government and some private contracts are now requesting Cyber Certification as part of their tender process. https://www.ncsc.gov.uk/cyberessentials/overview
NCSC have recently launched the Cyber Essentials Readiness Tool – The Cyber Essentials Readiness Tool is a free, online resource that guides organisations through a series of questions related to the Cyber Essentials criteria to help prepare them for certification.
The tool asks questions about an organisation’s use of hardware, software, and boundary devices such as firewalls, as well as use of passwords and protections against malware and provides clear, non-technical advice for the user. Upon completion of the tool the user receives a tailored action plan that outlines the steps they need to take to achieve Cyber Essentials certification. This tool, developed by IASME on behalf of the NCSC – a part of GCHQ – was launched at the NCSC’s flagship conference CYBERUK 2021.
NCSC have recently released a few Threat videos. They can be accessed via the links below:
- Ransomware: https://youtu.be/DWmMm5IhLDw
- Phishing: https://youtu.be/NhaPVefCjDo
- Security culture: https://youtu.be/Mz0VQx87xvc