Shake-up needed to stop decades-old problems blighting security
A new initiative to help everyone from local authorities down to small businesses to check their cyber fitness was launched at the National Cyber Security Centre’s (NCSC) CyberUK conference today (April 25).
The debut of ‘Exercise in a Box’ as a free online tool comes days after the launch of a security alert logging utility aimed at smaller organizations.
The technologies – both released through the NCSC – are collectively designed to give organizations better visibility into security problems combined with a worked through incident response strategy.
NCSC technical director Ian Levy told reporters at CyberUK that a complete rethink of cybersecurity was needed in order for industry to stop making obvious mistakes that resulted in data breaches and worse.
Levy explained: “If you look across the incidents that we’ve managed over the last couple of years, a large proportion of them are due to a lack of good [cyber] hygiene. It doesn’t really matter whether it’s ransomware or some other sort of malware – it’s the initial way of getting in that we are trying to stop.
“We still see [the same] very common things happen that we saw 15 years ago,” he added. “We’ve got to find some way of changing it. It’s obvious that the way we’ve been trying to get people to change it hasn’t worked, so we have to try something new.”
Captain’s log
Servers, security appliance, firewalls, and antivirus tools all log activity. Commercial tools such as SIEMs also help make sense of the mountains of data generated by networking devices in order to identify the tell-tale signs of security incidents that have existed for some years.
NCSC has advised organizations to conduct log analyses for just as long. However, the problem is that the tech is either “really expensive” or requires a level of expertise that smaller organizations – the frequent target of cyber-attacks – don’t have access to, Levy explained.
To overcome the gap, the NCSC released a basic work-in-progress open source security logging utility, dubbed ‘Logging Made Easy’, last week.
The tool bundles multiple open source utilities that together provide the functionality to detect attacks in Windows environments.
“We want to take the pain away from people and make it more likely to stop these attacks,” Levy said.
Logging Made Easy – which is still an early stage alpha release – can be downloaded via GitHub.
Cyber tone up
Exercise in a Box is designed to increase resilience by using real life scenarios and providing tailored guidance.
There are two types of exercise to choose from a technical simulation and table top discussion – both of which revolve around scenarios based on common cyber threats.
The first version of the tool has been tested by local government, small businesses, and the emergency services prior to its launch.
Exercise in a Box users can practice in their own time, in a safe environment, as many times as they need.
Just like having a fitness tracker, the tool enables players to monitor their progress, according to the NCSC. Instead of muscles, the tool is designed to tone up defence and response mechanisms.
The tech is designed to complement existing cybersecurity measures, including Cyber Essentials and the Small Business Guide. Exercise in a Box also includes a package of bespoke information and support from NCSC technical experts.
More complex scenarios appropriate to organizations of all sizes, across different economic sectors, are in the development pipeline.
RELATED GCHQ to share threat intelligence with UK businesses