The National Cyber Security Centre (NCSC) has advised business owners to take action following Russia’s invasion of the Ukraine. With the cyber threat heightened, the NCSC has said that organisations should act on improving their resilience and bolster their online defences.

Whilst the NCSC – which is part of GCHQ - is not aware of any current specific threats to UK organisations, there has been an historical pattern of cyber-attacks on Ukraine with international consequences.

The most important thing for organisations of all sizes to do is to make sure that the fundamentals of cyber security are in place to protect devices, networks, and systems, with suggested actions to take as follows:

l Check your system patching - Ensure your users’ desktops, laptops and mobile devices are all patched, including third party software such as browsers and office productivity suites. If possible, turn on automatic updates.

l Verify access controls - Who has access to your systems and how, passwords, multi-factor authentication, old or unused accounts etc?

l Ensure defences are working - Anti-virus software, firewalls etc

l Logging and monitoring - Ensure systems are up to date

l Review your backups - Are they running correctly, do you have an offline back up?

l Incident plan - Make sure you have one and it’s up to date.

l Check your internet footprint - Ensure that records of your external internet-facing footprint are correct and up to date.

l Phishing response - Are processes in place for staff to report phishing emails?

l Third party access - Remove any access that is no longer required and ensure you understand the security practices of your third parties.

l NCSC services - Check your CiSP account works to share information of threats and register for the Early Warning service.

l Brief your wider organisation - It is essential that the wider business understands the situation and that they are on the lookout for and understand how to report anything suspicious.

If you’d like to learn more about protecting your business from cyber threat, Armstrong Watson will be hosting a free webinar on Wednesday, April 9, at 9.15am visit to register or view the recording, or to speak with our Client Technology team email or call 0808 144 5575