The UK’s National Cyber Security Centre (NCSC) has published a report created by the collaborative research efforts of the cyber security authorities from Australia, Canada, New Zealand, the UK and the USA. The purpose of the report is to support organisations in limiting the effectiveness of cyber attacks and to support detection within organisational IT systems.
Supporting the publication of the report, Ciaran Martin, CEO of the NCSC stated:
“....it is an urgent national priority to address two issues – protecting critical infrastructure, services and ourselves at all levels from cyber attacks and the growing problem of rampant global cyber crime.”
In addition to the report, the UK and the US have issued a joint statement on the malicious cyber activity carried out by the Russian government. The statement directs all organisations to review the severity of the technical alert and act on the recommended mitigating strategies. 9ine's summary of the alert can be found here.
In order to be compliant with current EU data protection law [the GDPR], all organisations must evaluate their risks, given the technical alert, and determine what proportionate organisational and technical measures are required to mitigate the threat.
"We are calling out unacceptable behaviour by hostile states and giving our businesses the specific information they need to defend themselves." Ciaran Martin, CEO of the NCSC
At 9ine’s Regional Training Centre in Zurich last week, schools from across Europe undertook practitioner-led training on the cyber security frameworks that can be used to evaluate and mitigate against risks. The training covered the following areas:
- Adequate Security Mandated by Law
- Cyber Security Assessment Models
- Criminal student fee fraud
- Malicious student attack
- Sextortion attack
- Numerous phishing campaigns
- Internal DDoS Attack, triggered by Student/Staff
- In practice - how to evaluate your organisation’s risk and susceptibility to a cyber attack
- Measures to you reduce these cyber attack vectors
- Frameworks to ratify the measures you have in place
“A well rounded, informative and useful training day on a fairly recent topic in the IT world that is slowly but surely becoming a need to know.” International School of Zug and Luzern
Working collaboratively, organisations can reduce the cost and complexity of managing cyber security threats. 9ine’s Cyber Defence Essentials and Cyber Training services give schools access to the resource, support and expertise required to manage cyber threats.
“Cyber security is an integral part of data protection. Breaches of security within the IT arena usually have a human error component, so any data protection office member needs to have a grasp of the issues.” ACS International Schools
Cyber Training: Registration is open for our next cyber training events in December and January, in both London and Zurich. For costs and to reserve your place, get in touch with firstname.lastname@example.org.