Security Bytes- UK Cybersecurity insights
Security Bytes - A round up of the latest insights and news from the cyber world
Welcome to Security Bytes, a roundup of must-read articles and interesting news from around the cyber world.
In this edition, Jim Tiller, Global Chief Information & Security Officer and Head of our Nash Squared’s vCISO Practice, focuses on UK Scanners based on an announcement by the UK's National Cyber Security Centre (NCSC). Read on to find out more.
UK Scanners
The UK’s National Cyber Security Centre (NCSC) recently published an announcement that they are now performing ongoing vulnerability scans for all systems internet accessible across the entire country. I find this quite interesting from multiple directions. There’s definitely an Orwellian vibe… knowing the government is constantly scanning your systems for flaws in hopes that information is used to your benefit as opposed to against you.
Of course, there’s the obvious inverse that data collected will provide a nation-wide perspective on the overall degree of exposure and from that prioritise information and to help improve the country’s position, thereby helping to improve yours.
The fact is simply this – you’re being scanned constantly by baddies anyway and they’re not going to let you know you have a hole – e.g., Shodan. Nevertheless, like some of the laws forming in the US and other countries concerning government demands for reporting incidents, it does start to challenge the concept of privacy at the organisational level. Frankly, privacy is a battle arguably being lost at the individual level too. No matter, as an organisation you can embrace it by not filtering two specific IP addresses used by the NCSC or contact them to opt out.
In short, this is not a bad thing and companies
shouldn’t overthink it. At the very least, it’s a free vulnerability scan!
The keys are 1) knowing it’s happening and 2) keeping an eye out for
notifications from the NCSC. From a resource perspective you should be asking- do organisations
have the right skills within their staff to interpret the findings and mobilise
meaningful remediation? Threat and Vulnerability management skills are in
demand and increasing.
You can read more about UK Scanners firstly from NCSC and by Bleeping Computer.
About vCISO
Nash Squared’s global vCISO practice provides cybersecurity leadership expertise in exactly the way you need it. From short-term engagements to assist with major initiatives and critical projects, to longer term strategic support for overall security program effectiveness in a part-time or fractional model. We provide rapid access to world-class senior security experts with the much-needed skills and experience eliminating the need for project-oriented consultancies or having to hire permanent resources.
Related posts
Teaser
PostContent Type
Latest NewsPublish date
04/25/2024
Summary
London, [April 2024] Harvey Nash, the leading global technology recruitment business has named Lola Yesufu from Ireland, the winner of its second Global Contractor of the Year Award in rec
by
Harvey Nash UK
Teaser
PostContent Type
Success StoriesPublish date
04/22/2024
Summary
Improving tech diversity through Harvey Nash NextGen solutionFSB Technology is an award-winning sportsbook platform at the forefront of innovation. During periods of significant growth, FS
by
Harvey Nash UK
Teaser
PostContent Type
Success StoriesPublish date
04/19/2024
Summary
Providing a flexible resourcing model for service excellence transformation. The University of Edinburgh were seeking a recruitment partner to support them in delivering a blended model of
by
Harvey Nash UK
Related jobs
Salary
£450 - £550 per day + Umbrella/PAYE (Inside IR35)
Location
City of London, London
Sector
Financial Services
Location
City of London
Job Type
Contract
Description
Service Now Implementation – CMDB Upgrade – *Fully Remote* A Leading Financial Services business are looking to hire an Configuration and Discovery SME with specific knowledge of implementing and upgr
Reference
BBBH105824_1714206151
Expiry Date
01/01/0001
Author
Thomas UllyottAuthor
Thomas UllyottSalary
£650 - £750 per day + Umbrella/PAYE (Inside IR35)
Location
City of London, London
Sector
Financial Services
Location
City of London
Job Type
Contract
Description
Firewall Engineer - 80% Remote - Long Term Contract A Leading Financial Services firm are looking to hire an experienced Firewall Engineer, ideally who has knowledge of Application Security Policy Imp
Reference
BBBH105823_1714205011
Expiry Date
01/01/0001
Author
Thomas UllyottAuthor
Thomas UllyottSalary
£50000.00 - £55000.00 per annum
Location
Manchester, Greater Manchester
Sector
Other
Location
Greater Manchester
Job Type
Permanent
Description
Position: Test ManagerJob Description:Join a dynamic team at the forefront of transformational projects in the IT sector. As a Test Manager, you play a critical role in bridging the gap between softwa
Reference
BBBH105806_1714197804
Expiry Date
01/01/0001
Author
Alex PalmerAuthor
Alex Palmer