GOV UK releases new guidlnes urging buqiness learders to strenghten cyberattacks protection – Netscout comments
January 2024 by NETSCOUT
Today, the government published its new Code of Practice on cybersecurity governance, which aims to help business leaders strengthen their defences from cyberthreats. The guidelines issued by the UK government also aim to empower organisations to reduce risks associated with business software, protecting organisations, supply chains, staff, and customers.
A key focus of the Code is making sure companies have detailed plans in place to respond to and recover from cyberattacks. The new recommendations also encourage enterprises to provide employees with the necessary skills and awareness of cyber issues to allow them to work confidently alongside new technologies.
Darren Anstee, chief technology officer for security at NETSCOUT, advises business leaders on the importance of threat intelligence and the best practices for improving their cyber resilience:
"As the UK government’s Code of Practice on cybersecurity governance lays out, business leaders must prioritise cyberthreats as a major business risk. This is imperative given the rate of change in the threat landscape, and the effect a successful attack can have on an organisation’s business continuity and reputation.
"The Code of Practice doesn’t call out specific types of cyberthreats, but any risk management or incident handling processes must be broad enough. The Code does mention the need to identity key areas such as important processes, data and services that are critical to a business – but – we must remember that there are many different types of cyberthreats which target these. Each type may have different risks associated with it, and incident handling will also vary.
"Assessing the recommendations listed in the Code of Practice, there is no reference to the importance of working with other organisations or sharing of data. Unfortunately, the bad actors out there are very good at sharing tools and techniques – organisations should follow suit, working with one another, or via industry and government institutions that can facilitate communications.
"The importance of an incident handling plan cannot be overestimated, but testing should take place quarterly, or at worst every half year. Given the rate of change in every business today, testing annually is more likely to focus on where the plan is out date, rather than creating familiarity and optimising processes, which are just as important.
"In terms of implementing and using cybersecurity platforms, there are several best practices business leaders need to adhere to. Firstly, it is imperative for all enterprises to have an overall security strategy, broad enough to cover proactive risk identification and qualification, technology selection, and intelligence sourcing and use. Secondly, the technologies selected should provide consistent visibility across the enterprise, removing blind spots at internal or external borders, and facilitating consistency through the detection, investigation, remediation, forensics and reporting workflow. And, lastly, the whole ecosystem should be as integrated as possible to reduce operational overhead and accelerate response.
"By monitoring global cyber threats and understanding the tactics employed by attackers, businesses can anticipate potential cyberattacks and proactively strengthen their defences."