We’re rounding up some of the biggest cyber security stories of the past few weeks. In October, a group of professionals were awarded chartered status, an inquiry was launched to defend Britain’s CNI from cyber threats, the government committed £70 million to bolster communications and the NCSC outlined new guidance for cloud backups.
First UK chartered cyber security experts recognised
Around 50 professionals became the first recipients of the UK Cyber Security Council’s Chartered Cybersecurity Professional status this week, as they were awarded certificates upon assessment by industry peers.
The event took place at the National Cyber Security Centre (NCSC) offices, hosted by NCSC CEO Lindy Cameron. Those awarded were deemed to have shown exceptional skills, ranging from communication to the highest standards of integrity and ethical values.
Jon France, a recipient of chartered status, said the award represented “a commitment to the continued professionalisation of cyber security as a career, alongside demonstrating competence and expertise that is beneficial to the marketplace, both in the UK and internationally.”
Government committee launches CNI resilience inquiry
The UK is the third most targeted country in the world when it comes to cyber crime, following only the US and Ukraine. The Government Cyber Security Strategy 2022-2030 identified threats to Britain’s Critical National Infrastructure (CNI), highlighting the need for a solid pipeline of talented cyber security professionals.
Digital infrastructure is integral to growth and supporting the delivery of public services, as well as UK national security. Importantly, it upholds much of the country’s CNI, meaning any disruption would have a national impact.
The Science, Innovation and Technology Committee has initiated an inquiry into the resilience of the UK’s CNI and is welcoming submissions on several points. This aims to support the sector and bolster cyber security skills across the country.
£70m committed to next-gen comms
The UK government has pledged £70 million to facilitate the development of “next-generation” communications technology, whilst forming a new Global Coalition on Telecommunications with the US, Australia, Canada and Japan.
Secretary of state for science, innovation and technology, Michelle Donelan, added: “Telecommunications networks are the lifeline of global economies, and safeguarding their resilience and security in an evolving, interconnected world is a top priority for our governments.”
The investment is set to launch the UK as a leader in 6G technology and more, including tools to facilitate space-based and terrestrial networks and improve energy efficiency.
New NCSC principles for resilient cloud backups
The National Cyber Security Centre (NCSC) has published new guidelines for organisations around cloud backups. A recent analysis revealed that threat actors tend to target backups in the early stages of a ransomware attack, putting data in cloud-based services particularly at risk unless vital steps are taken to defend it.
Vendors should demonstrate how their services adhere to these principles, which will in turn allow them to describe their offerings as ‘resistant to ransomware’. For system owners, this NCSC guidance may serve as a starting point to formulate questions for potential suppliers.
The five main principles, summarised, include:
- Backups should be resilient to destructive actions
- A backup system should be configured so that it isn’t possible to deny all customer access
- The service allows a customer to restore from a backup version, even if later versions become corrupted
- Robust key management for data-at-rest protection is in use
- Alerts are triggered if significant changes are made, or privileged actions are attempted