Cybersecurity risks and the Ukraine Conflict

cybersecurity update rob may blog

This week has left us all shocked as we’ve witnessed the barbaric behaviour and the atrocities unfolding around the invasion of Ukraine. As a result Lindy Cameron, CEO of the National Cyber Security Centre (NCSC) has advised that all UK organisations should protect themselves and be ready for the cyber threats that may come as a result.

You may question why a war 2,000 miles away in eastern Europe is relevant to your business, but the NCSC have advised how cyber-attacks do not respect geographic boundaries and that UK businesses are being targeted by overseas criminals on a daily basis. These attacks may affect your supply chain or one that you are apart of, so the attack doesn’t always have to be directly aimed at your business for you to feel the impact.

As the crisis escalates it is anticipated that we will see more cyber-attacks and there will be many Western businesses who end up as collateral damage in this conflict. Whilst no one can predict exactly how this conflict might effect UK businesses it is sensible that we all take preventative measures to help protect your business against any cyber fallout.

I’m a very proud supporter of The Cyber Resilience Centre and I sit on their Advisory Board in the South East, they have created an excellent template for a Cyber Incident Response Plan, every business should have one of these in place anyway as part of GDPR compliance, however, just in case you haven’t I recommend that you download this as a great starting point and add it to your existing business continuity plan.

The NCSC have also produced a lot of really useful resources including the Cyber Security Guide for Small Businesses published to help you better understand the threat and practical steps you can take to mitigate. We have collated our top 10 steps you can take now to improve your defences.

10 steps to improve your cyber defence

  1. Ensure you have a strong password policy that is policed and maintained.
  2. Ensure that you are using Multi Factor Authentication on Office365 and all key business applications
  3. Ensure that you are training users on how to recognise phishing emails
  4. Ensure you are training users on general cybersecurity good practice
  5. Ensure you are using a business appropriate anti-virus that also protects you against ransomware attacks, such as Sophos InterceptX
  6. Ensure that you are regularly implementing security patches and software updates
  7. Ensure you are managing your user estate, that you know who has access to your system (including third parties) and that you are managing leavers efficiently.
  8. Ensure you have a full back up of all critical systems, including Office 365 understand your recovery position.
  9. Have a documented plan of how users should respond in the event of a breach and a wider plan that details how your organisation will respond.
  10. Understand what logging you have in place, where logs are stored and for how long they are retained.

Should you become the victim of an attack or if you need any advice or support, please don’t hesitate to get in touch, our consultants, support team and forensic response staff are here to help you whenever you need us.

Stay safe and do your part to be cyber smart.

Protect your organisation from Cybercrime.

IT systems are under attack on a daily basis, from a huge variety of cybersecurity threats, find out how to protect your organisation

Related Posts

  • The importance of cybersecurity contingency planning for businesses

    The importance of cybersecurity contingency planning for businesses

    Cybersecurity

    Protect your data from cybercriminals and minimise downtime with an effective cybersecurity contingency plan. Read on. [...]

    Read article

  • How to Spot a Scam HMRC Letter 

    How to Spot a Scam HMRC Letter 

    Cybersecurity

    Learn how to spot fraudulent communications, like fake HMRC letters, and take steps to protect your personal information and finances from scammers. [...]

    Read article

  • What is Data Loss Prevention (DLP)?

    What is Data Loss Prevention (DLP)?

    CybersecurityTechnical Blog

    Explore how Data Loss Prevention (DLP) strategies and tools protect sensitive data, ensure regulatory compliance, and mitigate risks from insider threats, enabling organisations to stay secure and resilient in [...]

    Read article

  • AI-Driven Threat Detection and Response

    AI-Driven Threat Detection and Response

    AICybersecurityTechnical Blog

    This blog explores how AI-driven cybersecurity is transforming threat detection and response with real-time, adaptive defenses against evolving cyber threats. [...]

    Read article

  • Why you should invest in Cybersecurity Consultancy

    Why you should invest in Cybersecurity Consultancy

    Cybersecurity

    n an increasingly complex cyber threat landscape, investing in cybersecurity consultancy is essential to protect your business from potential risks and ensure long-term resilience. [...]

    Read article

  • Everything you need to know about the transition to ISO 27001:2022 

    Everything you need to know about the transition to ISO 27001:2022 

    Cybersecurity

    This blog explains the essential steps and timeline for transitioning from ISO 27001:2013 to ISO 27001:2022, ensuring your organisation maintains its certification before the October 2025 deadline. [...]

    Read article

Quiz yourself

Are you more cyber savvy than an 11 year old?

11-14 year olds get asked these questions in school. Could you get these right?