Early Warning should complement your existing security controls
We hardly need reminding of the clear and present danger posed by cyber criminality, but what if you were able to get a heads up that an attack on your system was imminent – would that help? Well, such a system exists in the form of the National Cyber Security Centre’s (NCSC) Early Warning Service, and its FREE!
The NCSC support all cyber activity across the UK, from the most critical organisations, the wider public sector, industry, SMEs and the general public, helping to make the UK the safest place to live and work online.
We asked DTG’s Cyber Security Consultant, Tim Gowling to explain more about the Early Warning Service.
Tim, what exactly is this service designed to do?
The service aims to inform organisations as soon as possible of potential cyber attacks on their network. Millions of events are filtered daily and those relevant to a given organisations specific IP and domain names are correlated into daily notifications via an Early Warning portal. The service uses a variety of information feeds from the NCSC, trusted public, commercial and closed sources, which includes several privileged feeds which are not available elsewhere.
Who is eligible for the service and how much does it cost?
The service is free and open to all UK organisations who hold a static IP address or domain name. Whilst the service does not carry out any active scanning of an organisation’s networks, some of the commercial feeds monitored may use scan derived data.
What sort of attacks can be detected?
The service generates three high level alerts. Incident Notifications highlight activity that suggests an active compromise of your system, such as a malware attack. Network Abuse Events indicate when your assets have been associated with malicious or undesirable activity, such as a client scanning the internet. Finally, Vulnerability and Open Port Alerts identify vulnerable services running on your network, or potentially undesired applications that are exposed to the internet, such as an Elasticsearch service.
What are the benefits of signing up for this service?
By signing up, you can have increased confidence in the security of your network. You will be alerted to the presence of malware and vulnerabilities affecting your network, enhancing your organisation’s security by increasing your awareness of the low-grade incidents which could become much bigger issues, so you can act on them earlier.
It must be stressed however, that whilst there are no downsides to this scheme, this should not be used as the only layer of defence for a network. Early Warning should complement your existing security controls.
How can DTG help further?
DTG recently launched a revolutionary Industrial Cyber Assessment tool (CAsT), which identifies security weaknesses in Industrial (OT) systems and offers solutions to increase an organisations resilience to emerging cyber threats.
DTG can also provide bespoke Industrial (OT) Cyber Security training for staff, available in various formats including traditional face to face, online live webinar or on demand e-Learning modules.
Our combined approach offering OT Cyber Training in conjunction with the CAsT application is a game changer for process industries looking to improve their OT cybersecurity in critical infrastructure.
For more information, contact us at [email protected] or visit our website www.digtechgroup.com.
Read our previous Cyber related blogs!
NSA Issue Cybersecurity Advisory on Operational Technology
Healthcare Sector Not Immune to Cyber Attack – Even in a Pandemic