Last Thursday, the National Cyber Security Centre (NCSC) released a new guide aimed at small and medium-sized businesses (SMBs) to help them minimize the potential impact of cyber attacks while using online services.
The “Secure Use of Online Services Guide” is specifically designed for businesses that may not have dedicated IT and support personnel, according to the NCSC. Amelia H from the NCSC’s economy and society team stated that the guide was tailored for small and medium-sized enterprises, as the existing cloud security guides mainly focus on IT professionals and contain more technical details that may be overwhelming for them. This new guide will assist SMBs in using online services more securely and lowering the chances of becoming victims of cyber attacks.
Today, an increasing number of SMBs rely on cloud or online services for their day-to-day operations, including email and instant messaging communication, cloud storage, website/store hosting, online accounting and invoicing, or simply engaging with customers through social media.
If a ransomware attack prevents you from accessing your computer or if your online accounts are locked, how long can your business continue to operate without these crucial functionalities?
The guide consists of 10 pages of practical advice, covering everything from selecting the right services and backing up data to domain security, creating and protecting user/administrator accounts, and defending against malware. It also provides guidance on utilizing built-in security features in popular cloud services and how to recover hacked accounts or services after an attack.
According to a government report, at least 32% of UK businesses have experienced security vulnerabilities or cyber attacks over the past 12 months, since April 2023. Medium-sized enterprises have been targeted by attacks in 59% of cases.
In November of last year, the UK’s National Cyber Security Centre (NCSC), the US Cybersecurity and Infrastructure Security Agency (CISA), and 16 other international agencies released a new guide on the security of artificial intelligence (AI) systems. The “Security of AI Systems Development Guide” aims to provide developers with guidance to ensure that security remains a core component throughout the design, development, deployment, and operation of AI systems. However, other stakeholders involved in AI projects can also benefit from this information.
This new guide has been endorsed and jointly signed by 21 organizations and departments from 18 countries, including the US National Security Agency, the Federal Bureau of Investigation, the Canadian Centre for Cyber Security, the French National Cybersecurity Agency, the German Federal Office for Information Security, the Singapore Cyber Security Agency, and the Japan Cybersecurity Incident Response Teams Coordination Center. NCSC CEO Lindy Cameron stated in a press release, “We know that artificial intelligence is evolving at an astonishing pace, and we need to keep pace with it through coordinated action between governments and industries. These guidelines represent an important step towards shaping a true global consensus on the network risks and mitigation strategies concerning AI.”
Reference: NCSC Publishes Practical Security Guidance For SMBs – Infosecurity Magazine (infosecurity-magazine.com)