National Cyber Security Centre News

Bugcrowd, the crowdsourced security pioneer, has signed value-added distributor SEC DATACOM as a distributor in Finland and the Baltic states in an initiative to combat the region’s rapidly escalating cybersecurity threats. These include nation-state attacks on critical infrastructure, government bodies and businesses. The alliance gives Bugcrowd access to SEC DATACOM’s network of 400-500 IT resellers, system integrators and managed security providers (MSPs) in the region. Bugcrowd...

IriusRisk, the industry-renowned platform for automated threat modeling, grew by more than 50% in 2023, in large part as a result of the company’s expansion into Artificial Intelligence (AI). The company reported a 51% Annual Recurring Revenue (ARR) growth from December 2022 to December 2023, driven by strategic moves into AI and impressive customer retention and expansion rates.  AI expansion The expansion into AI is part of the company's wider plans to power the development of ad...

Over one-third (35 percent) of Chief Information Security Officers (CISOs) admit to ignoring the National Cyber Security Centre’s (NCSC’s) cybersecurity guidance. This finding and others were revealed in a new survey and report from Absolute Security, a global pioneer in enterprise cyber resilience. Cyber Resilience Report 2024 This finding was despite 48 percent of respondents revealing that their organisation was hit by a ransomware attack over the past year. The NCSC has issued...

The National Cyber Security Centre (NCSC) has issued a warning of heightened cyber threat to UK critical national infrastructure due to the risk posed by Russia state-aligned actors. Pro-Russia ‘hacktivists’ have been targeting vulnerable small-scale industrial control systems in the UK, Europe and North America with more attacks expected over the coming months to target critical national infrastructure. AI-enabled cyber threats The NCSC outlined that the threats have la...

New Government regulations mandate that all internet-connected smart devices, spanning from phones to TVs to smart doorbells, adhere to minimum-security standards by law. Groundbreaking legislation is in effect in the UK, aimed at shielding consumers and businesses from cyber threats. Cyber laws This initiative, spearheaded by the Department for Science, Innovation and Technology, the National Cyber Security Centre, and the Office for Product Safety and Standards, along with the efforts of Ju...

IriusRisk, the industry-pioneering platform for automated threat modelling, has announced the appointment of Jose López Muñoz as its new Head of AI. The appointment represents another key milestone in IriusRisk’s plans to power the development of advanced AI-driven threat modelling solutions, transforming how the company can help its customers design secure software and systems. Prior roles of Jose López Muñoz Jose López Muñoz’s immediate...

Genetec Inc., a pioneering technology provider of unified security, public safety, operations, and business intelligence solutions, announces it is the first manufacturer to achieve the Cyber Assurance for Physical Security Systems (CAPSS) 2023 standard, for unified video and access control software. The specific solutions to be granted CAPSS-approved status are Genetec Security Centre Omnicast™, Genetec Security Centre Synergis™ and the Genetec Synergis™ Cloud Link. Process...

As the new academic year rolls on, school leaders across the United Kingdom (UK) are facing a stark and unsettling reality: the rising threat of cyber-attacks looms large. Recent reports of cyber-attacks targeting institutions such as Highgate Wood School in Crouch End, St Augustine Academy in Maidstone, and Thomas Hardye School in Dorchester, UK have highlighted the pressing need for schools to fortify their cybersecurity defences. In this blog, Advantex explores how outdated infrastructure a...

Recent research by the National Cyber Security Centre (NCSC) has found UK law firms are increasingly appealing targets for cybercriminals interested in stealing and exploiting client data.  Hybrid working has been cited as a challenge for firms attempting to maintain secure working practices and protect client confidentiality, but as cyberattacks become more sophisticated, the data that law firms hold are targeted for ransomware and insider trading. Proactive steps and training These cyb...

The National Cyber Security Centre (NCSC) and Information Commissioner’s Office (ICO) have ramped up their focus on the UK’s digital resiliency to better protect against the rising tide of cyber-attacks. A top priority for the organisations is to improve the UK’s response to cyber incidents, with the ICO incentivising impacted businesses to engage with the NCSC to encourage transparency and recovery against threats. NCSC and ICO’s resiliency roadmap The NCSC and ICO&rs...

Drata, a continuous security and compliance automation platform announced the addition of Cyber Essentials, expanding on the company’s support for over 17 compliance frameworks, standards, and regulations. Drata empowers customers pursuing Cyber Essentials with unmatched automation along with critical guidance for Cyber Essentials Plus, which requires independent verification. Cyber Essentials Created and backed by the United Kingdom’s National Cyber Security Centre (NCSC), Cyber...

Bridewell, a UK cyber security firm announces that it has been accredited by the Government’s National Cyber Security Centre (NCSC) to provide CHECK penetration testing to government, public sector bodies, and organisations under the UK’s critical national infrastructure (CNI). CHECK-authorised penetration CHECK-authorised penetration tests on CNI systems and networks are conducted by verified companies using NCSC-recognised methods and by staff who hold NCSC-approved qualification...

The CEO of the National Cyber Security Centre has called for robust security systems in the early development of AI, amidst concerns that proper security measures are being overlooked.  As businesses race to develop new AI products, a former intelligence chief explained that malicious attacks could have a “devastating” effect due to the rate AI is being developed in comparison to security. UK’s AI whitepaper AI is set to play a huge role in many aspects of everyday life...

The National Cyber Security Centre (NCSC) and The SANS Institute have announced details of the fourth edition of CyberThreat, a technical and interactive Summit which will be hosted in-person at the Novotel London West, Hammersmith, London, and available virtually on Monday 20th and Tuesday 21st November 2023.  CyberThreat 2023 One of the largest cyber security conferences in the UK, CyberThreat 2023 will bring together the global cybersecurity community for exclusive keynotes and ta...

Who do you trust to keep your children’s personal data safe? Who protects their educational data in schools? Who currently has access to it? And who should have access to it? These questions are more pressing than ever before, with over three-quarters (78%) of UK schools having experienced at least one type of cyber-incident, according to a recent National Cyber Security Centre (NCSC) and National Grid for Learning (LGfL) audit. Data breaches With the sheer number of data brea...

Over three-quarters, (78%) of UK schools have experienced at least one type of cyber-incident, according to a recent National Cyber Security Centre (NCSC) and National Grid for Learning (LGfL) audit. OmniIndex, the secure Web3 data platform, has called on the education sector to take steps to ensure its data is adequately protected. Cyberattacks Cyberattacks on educational institutions have been on the rise for some time. In early January 2023, it was reported that confidential data from 14 U...

The SANS Institute announces the appointment of the UK’s National Cyber Security Centre’s (NCSC) founder and former head Ciaran Martin, CB, as Director of SANS CISO Network and Summits EMEA. Respected as a pioneer among public authorities for cybersecurity, Martin is able to offer SANS and its global community a unique perspective on successfully managing global cyber threats at a national level. Facilitating further preparedness As Director of the SANS CISO Network and Summits in...

From reassessing cybersecurity measures which were put in place during the pandemic and understanding how to recover from a cyberattack, to revised legislation, Distology highlights the biggest trends which will impact the cybersecurity space in 2023. Recent research from the specialist IT cybersecurity distributor found that more than a third (36%) of IT leaders believe that attacks becoming more sophisticated and targeted in nature will be the biggest disrupter of the cybersecurity sphere ove...

Telesoft Technologies (Telesoft), a globally renowned company in cyber security solutions, has announced its latest state-of-the-art security offering - a 24/7, UK-based Managed Detection and Response (MDR) service. Manned by a team of highly skilled cyber analysts - based in a UK Security Operations Centre (SOC) - this invaluable service continuously monitors an organisation’s network traffic for 24 hours a day and 365 days a year. Managed Detection and Response (MDR) Telesoft Technolo...

The National Cyber Security Centre (NCSC) and SANS Institute have announced details of the third edition of CyberThreat - a technical and interactive Summit that will be hosted virtually and in person. The event, designed for technical professionals across the cybersecurity industry, will return on September 12th and 13th at the Park Plaza, Westminster Bridge in London, encouraging global knowledge sharing and expertise across defensive and offensive disciplines. CyberThreat Summit CyberThrea...

UK organisations are being urged to bolster their cyber security resilience in response to malicious cyber incidents in and around Ukraine. It comes after the National Cyber Security Centre (NCSC), which is part of GCHQ, updated its guidance to UK companies and organisations last week.  The NCSC is investigating the recent reports of malicious cyber incidents in Ukraine. Incidents of this nature are similar to a pattern of Russian behaviour seen before in previous situations, including the...

The impact of the COVID-19 pandemic has accentuated our digital dependency, on a global scale. Data centres have become even more critical to modern society. The processing and storage of information underpin the economy, characterised by a consistent increase in the volume of data and applications, and reliance upon the internet and IT services. Data centres classed as CNI As such, they are now classed as Critical National Infrastructure (CNI) and sit under the protection of the National Cybe...

The Student Loans Company (SLC) has spent over 76,800 pounds on cyber security training for its staffers, over the two most recent financial years (FY 19/20, FY 20/21), according to official figures. The data obtained and analysed using the Freedom of Information (FOI) Act by Griffin Law, the niche litigation practice, shows that nearly 20,000 specialist courses were completed in areas, such as phishing, password protection, bribery, corruption, and privacy standards. The data shows that 9,334...

The National Cyber Security Centre (NCSC), together with the Cabinet Office, DCMS and Home Office, has recently launched the latest phase of its Cyber Aware campaign. This included a self-assessment tool on the website to help sole traders and micro businesses check how safe they are from cyber threats and to give advice on areas of improvement. The increased use of email, online payments and collaboration software has brought great benefits to businesses, including the construction sector, but...