NCSC boosts public sector cybersecurity in 4 steps
For government departments and some public bodies, the National Cyber Security Centre (NCSC) is implementing four steps to improve basic cyber security.
As part of an automated programme, the Active Cyber Defence (ACD) programme will make infrastructure, products and services safer to use.
The measures require no additional money to implement, and are not technically over-complicated, but they will make it more expensive for criminals to carry out attacks.
The four measures are intended to address a significant proportion of cyber attacks that hit the UK by improving ‘basic defences’, therefore reducing the return on investment for attackers.
- Blocking government systems’ access:
The NCSC’s protected domain name server (DNS) service provides automatic protection for public servants by blocking access to malicious addresses, using GCHQ and commercial partners’ data.
- Blocking fake emails from the government:
By the adoption of the DMARC (domain-based message authentication, reporting and conformance) protocol, fake emails purporting to be from the government can be halted by ensuring that the emails are not delivered. So far, over 650,00 emails have been rejected by the service.
- Helping public bodies fix their websites:
Many organisations are still vulnerable to simple cyber attacks because of basic weaknesses in their web-facing services. The free service WebCheck, built by the NCSC, scans websites of public bodies for common vulnerabilities and returns an easy-to-understand report on what needs fixing, and how.
- Removing things from the internet:
For over a year, the NCSC has collaborated with a private sector company, Netcraft, on a phishing and malware countermeasures service to protect the UK, and government brands. To date, the number of attacks taken down by Netcraft has exceeded 62,849.Return to internet news headlines
View Internet News Archive