Latest news with #NCSC
Yahoo
15 hours ago
- Business
- Yahoo
Simple ways employees can prevent cyber attacks
The scale and complexity of cyber threats facing large organisations today have never been greater. From targeted ransomware attacks to internal data leaks, the risk landscape is evolving rapidly. For large enterprises, which often hold vast quantities of sensitive data and critical infrastructure, robust cyber security measures are no longer optional—they're essential for resilience, reputation, and regulatory compliance. Effective cyber security strategy requires a layered, proactive approach. While technology plays a significant role, success depends just as much on leadership, policy, and staff behaviour. This article outlines key cyber security advice for large organisations, using guidance from trusted sources like the UK's National Cyber Security Centre (NCSC), and highlights best practices that will remain relevant as threats evolve. Build a strong governance framework For any organisation with complex systems and a large workforce, cyber security governance is the foundation on which all defences rest. Clear governance ensures that security responsibilities are defined at every level, from board members to frontline staff. Start by establishing a formal cyber security strategy aligned with your wider business objectives. The board should have visibility of cyber risks, supported by senior leaders with appropriate expertise, such as a Chief Information Security Officer (CISO). Risk ownership must be assigned, and accountability built into every level of the organisation. The NCSC recommends adopting frameworks such as the Cyber Assessment Framework (CAF), which helps assess your organisation's ability to manage cyber risks to essential services. Implement regular audits and maturity assessments to identify gaps and ensure continuous improvement. Risk management should extend beyond the organisation's boundaries. Third-party vendors, contractors, and supply chains are common entry points for attackers. Ensure that partners adhere to comparable security standards and include cyber clauses in all contracts. Carrying out regular supplier risk assessments can significantly reduce exposure. Invest in layered technical defences Large organisations typically manage a diverse mix of legacy systems, cloud services, and mobile infrastructure—all of which can introduce vulnerabilities. Implementing a layered, defence-in-depth approach can prevent a single point of failure from compromising your entire network. At the perimeter, firewalls, intrusion detection systems (IDS), and secure gateways can help block unauthorised traffic. Within the network, segment systems by function or sensitivity to limit the impact of a breach. For instance, sensitive HR data should never reside on the same network as public-facing services. Endpoint protection should include next-generation anti-virus software, real-time monitoring, and automated incident response capabilities. Ensuring that systems are regularly patched is vital; unpatched software remains one of the most exploited weaknesses. Cloud security requires its own set of controls. Apply the principle of least privilege to user accounts, enforce strong authentication (ideally multi-factor authentication), and monitor usage through centralised dashboards. Encrypt data both in transit and at rest to safeguard against interception or theft. Backup strategies are equally critical. Maintain secure, off-site backups of all essential data and test your recovery processes regularly. Many ransomware attacks attempt to corrupt backups first, so isolating them from the main network is best practice. Prioritise staff awareness and secure behaviours While sophisticated malware grabs headlines, many breaches result from simple human error—phishing emails, weak passwords, or misconfigured permissions. Cultivating a culture of security awareness is therefore one of the most cost-effective defences an organisation can implement. Regular training should cover not just technical knowledge, but also behavioural aspects. Teach employees how to spot suspicious messages, how to handle sensitive data, and the importance of reporting incidents quickly. Cyber security awareness should be embedded into onboarding processes, and updated through ongoing campaigns or simulated phishing exercises. Adopt strong access control policies across the organisation. Encourage the use of password managers and enforce minimum standards such as length, complexity, and uniqueness. Where possible, use biometric or multi-factor authentication to reduce the risk of credential theft. Set clear policies for remote work, device use, and data sharing. As hybrid and mobile working becomes the norm, organisations must secure both corporate and personal devices. Deploy mobile device management (MDM) solutions and ensure secure virtual private network (VPN) access for all remote users. Incident response plans should be tested regularly so staff know how to act quickly and effectively during a breach. Knowing who to contact, what evidence to preserve, and how to contain the incident can dramatically reduce the impact of an attack. The takeaway Cyber security for large organisations is not a single solution but a continuous process. It combines governance, technology, and people in a coordinated effort to reduce risk and increase resilience. By implementing strong governance structures, maintaining layered technical defences, and promoting a culture of cyber awareness, organisations can better prepare for the threats of today—and those yet to come. As cyber attackers grow more sophisticated, the importance of forward-thinking, holistic strategies cannot be overstated. Large organisations must remain agile, informed, and committed to continuous improvement in their security posture. By doing so, they protect not only their data and systems but also the trust of customers, partners, and the public at large. "Simple ways employees can prevent cyber attacks" was originally created and published by Retail Insight Network, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Sign in to access your portfolio
Time of India
a day ago
- Time of India
Britain's NCSC detects 'limited number' of UK victims in Microsoft hack campaign
Microsoft on Saturday issued an alert about "active attacks" on SharePoint servers used within organisations. It said that SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the exploit, also known as a "zero day". Tired of too many ads? Remove Ads Britain's National Cyber Security Centre (NCSC) said on Monday it had detected a "limited number" of UK-based victims in an ongoing hacking campaign that has affected servers using Microsoft 's SharePoint on Saturday issued an alert about "active attacks" on SharePoint servers used within organisations. It said that SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the exploit, also known as a "zero day".
Reuters
a day ago
- Reuters
Britain's NCSC detects 'limited number' of UK victims in Microsoft hack campaign
LONDON, July 21 (Reuters) - Britain's National Cyber Security Centre (NCSC) said, opens new tab on Monday it had detected a "limited number" of UK-based victims in an ongoing hacking campaign that has affected servers using Microsoft's (MSFT.O), opens new tab SharePoint system. Microsoft on Saturday issued an alert about "active attacks" on SharePoint servers used within organisations. It said that SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the exploit, also known as a "zero day".
CNA
a day ago
- CNA
Britain's NCSC detects 'limited number' of UK victims in Microsoft hack campaign
LONDON :Britain's National Cyber Security Centre (NCSC) said on Monday it had detected a "limited number" of UK-based victims in an ongoing hacking campaign that has affected servers using Microsoft's SharePoint system. Microsoft on Saturday issued an alert about "active attacks" on SharePoint servers used within organisations. It said that SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the exploit, also known as a "zero day".
The Sun
4 days ago
- Politics
- The Sun
UK sanctions Russian GRU officers over cyberattacks and espionage
LONDON: Britain has identified a sophisticated digital espionage tool and imposed sanctions on over 20 Russian spies, hackers, and agencies for a sustained cyber campaign targeting European governments and institutions. The National Cyber Security Centre (NCSC) revealed that malware developed by Russia's GRU military intelligence agency was used to steal login credentials from Microsoft cloud accounts. The UK foreign ministry sanctioned three GRU units and 18 officers, including individuals linked to attacks on Mariupol during the Ukraine war and the poisoning of former Russian spy Sergei Skripal in 2018. Foreign Minister David Lammy stated, 'GRU spies are running a campaign to destabilise Europe, undermine Ukraine's sovereignty, and threaten British citizens.' British authorities have repeatedly accused Moscow of orchestrating cyberattacks, sabotage, and assassinations. Russia denies the allegations, calling them politically motivated. The Russian embassy in London did not immediately respond to requests for comment. The NCSC identified GRU units 29155, 26165, and 74455 as responsible for cyberattacks on media, telecoms, political institutions, and energy infrastructure across Europe. These include the 2015 German Bundestag hack, the 2016 U.S. Democratic National Committee breach, and cyberattacks on the 2024 Paris Olympics. A hacking group, APT 28 (part of GRU unit 26165), developed malware named 'AUTHENTIC ANTICS,' which tricks Microsoft users into entering credentials on fake login pages. The NCSC did not disclose specific targets. Microsoft has yet to comment. The UK also sanctioned leaders of 'African Initiative,' a Russian-funded disinformation operation in West Africa. Britain has increased military spending to counter cyber threats and nuclear risks from Russia. - Reuters
