NCSC releases supply chain cybersecurity guidance

Image source: istock.com/Alzay

The National Cyber ​​Security Center (NCSC) and a number of international partners have released a joint advisory advisory containing guidance on cyber protection in the supply chain.

He linked the initiative to incidents such as the attack via network management software Solarwinds in 2020, whose customers included a range of UK public sector and defense organisations, and concerns about an increase in attacks following Russia’s invasion of Ukraine.

The board includes a series of practical steps for managed service providers (MSPs) and their customers and has been published with the US Cyber ​​and Infrastructure Security Agency, National Security Agency and Federal Bureau of Investigation, and the Australian Cyber ​​Security Centre, Canadian Center for Cyber ​​Security and the New Zealand National Cyber ​​Security Centre.

The NCSC said that MSPs provide IT support to their customers in different ways, such as through cybersecurity software or services, and to do so they are granted privileged access to a customer’s network. This can create opportunities for attackers, who can gain access to an organization’s network by compromising their MSPs.

Recommendations include improving monitoring and login processes, enforcing multi-factor authentication, segregating internal networks, and enforcing the principle of least privilege.

Building Resilience

NCSC CEO Lindy Cameron said: “We are committed to further strengthening the UK’s resilience, and our work with international partners is an essential part of this.

“Our joint advice with international partners aims to raise awareness among organizations of the growing threat of supply chain attacks and the steps they can take to reduce their risk.”

About Donald J. Beadle

Check Also

Security Services Cybersecurity Market Landscape, Research Methodology, Business Opportunities, Statistics and Analysis by 2027

Security Services Cybersecurity Market report covers a myriad of aspects of market analysis that many …