Aktuelles
Chris Vaughan, Tanium: Funded Cyber Essentials Program
January 2023 by Chris Vaughan AVP - Technical Account Management – EMEA, Tanium
After the news that small organisations in high-risk sectors
such as charities and legal aid firms, will be offered free
cybersecurity assistance from the UK government through the Funded Cyber
Essentials Program, launched by the National Cyber Security Centre
(NCSC) this week.
The initiative will provide 20 hours of expert support to help
organisations implement the five technical measures required for Cyber
Essentials certification, which includes firewalls, secure settings,
access controls, malware and software updates. This will be followed by
hands-on verification that the measures are in place, with a view to the
organisation achieving Cyber Essentials Plus, the highest level of
certification offered in the UK under the Cyber Essentials scheme. The commentary from Chris
Vaughan, VP - Technical Account Management, EMEA at Tanium who discusses
how helping these small organisations is important because they often
have low levels of resources and expertise available to combat cyber
threats.
"Cyber Essentials is a fantastic initiative which has helped many
organisations become more resilient against cyber attacks. The scheme is
growing each year and this latest announcement will expand the help
offered to two not-for-profit sectors that are regularly targeted by
cyber attacks: charities and providers of legal-aid. Helping these small
organisations is important because they often have low levels of
resources and expertise available to combat cyber threats. I have seen
attacks aimed at these types of targets in the past and it’s awful to
see their good work in helping people be disrupted. Their donations are
vital to keep them running, so seeing money being spent on recovering
from a cyber attack like ransomware rather than being directed into the
important causes that they are supporting has to be stopped. _
_ _
_Cyber Essentials shines a much needed light on the prevention of cyber
incidents. In recent times, too much focus has been placed on dealing
with attacks after they have already breached a network rather than
trying to avoid a successful attack in the first place. Preventing all
attacks isn’t realistic of course, but there are a number of simple
measures outlined in Cyber Essentials that can be put in place to
prevent the majority of attacks from being successful. A Tanium report
titled, "Cybersecurity: Prevention Is Better than the Cure [4]" looks at
the attitudes of UK organisations about reaching a balance between
preventative and reactive measures. It found that 90 percent of Director
level respondents agree that ’the majority of cyberattacks that we have
experienced within our organisation have been in some way avoidable’. It
also found that 68 percent of respondents believe that a predominantly
preventative approach to cybersecurity is best, whereas a primarily
reactive approach is favoured by only 32 percent. Finally, 85 percent of
respondents surveyed agreed that there is a greater cost to recover from
a cybersecurity incident than to prevent one.
_These findings show the need for Cyber Essentials, especially at a
time when the economy is struggling and cybersecurity funding can become
a lower priority for some businesses."
