Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

A call to protect the nation’s data

published on 2022-06-06 14:26:54 UTC by
Content:

On May 26, the UK Government published a policy paper calling for views on the development of a ‘stronger risk management framework to address risks associated with data storage and processing infrastructure’.

The number of organisations utilising cloud computing services to store data has more than doubled in recent years, with the Office for National Statistics (ONS) reporting that 53% of organisations leverage cloud platforms.

By publishing a call for views, there is no doubt that the UK Government seek to understand the impact and threats associated to this widescale change in operations.

The policy paper was published by the Department for Digital, Culture, Media & Sport and seeks to gain an understanding of the potential risks that data storage services are facing, and some of their key customers.

As such, the call for view concerns UK data storage and processing infrastructure such as data centres, cloud platforms and managed service providers (MSPs). Following the deadline, on July 24, the government are set to review feedback and publish a response.

The targeting of data centres, cloud platforms and MSPs remains a lucrative attack vector to advanced persistent threat groups (APTs) and exploitation of such avenues has appeared to gain momentum over the past year.

In December 2021, it was reported that a Russian APT threat Nobelium, who were also responsible for the SolarWinds compromise, were targeting cloud computing providers to achieve widespread exploitation and move laterally into organisations systems.

Additionally, in January, Cisco Talos reported that threat actors were leveraging public cloud service providers to spread several remote access trojans (RATs) including Nanocore, Netwire, and Async.

The call for view also falls less than a month after the the National Cyber Security Centre (NCSC), alongside other members of the Five Eyes intelligence alliance, released an advisory to MSPs and their customers to highlight a heightened risk of attacks.

The publication of this advisory, alongside the call to view for UK data storage vendors, and a recent increase in threat actors targeting cloud infrastructure, highlights how protection of these services is of national interest.

The call for views signifies an acknowledgement that the bolstering of defences is required to protect the nation and safeguard key infrastructure. As the threat landscape continuously changes, and key political events continue to influence an uptick in cyber warfare, it is a prominent time for the Government seek to understand potential threats to strengthen resilience.

For further guidance on best practice of using cloud services securely, organisations are encouraged to review the NCSC’s Cloud Security guidance.


Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).


Article: A call to protect the nation’s data - published over 2 years ago.

https://www.emcrc.co.uk/post/a-call-to-protect-the-nation-s-data   
Published: 2022 06 06 14:26:54
Received: 2022 06 19 14:34:19
Feed: The Cyber Resilience Centre for the East Midlands
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security
Views: 0

Custom HTML Block

Click to Open Code Editor