Intelligent CISO Issue 17 | Page 18

cyber trends THE MINIMUM CYBER SECURITY STANDARD DEFINES THE MINIMUM SECURITY MEASURES ORGANISATIONS AND AGENCIES MUST IMPLEMENT. BUT WHILE AWARENESS OF THIS STANDARD IS HIGH (98%), ORGANISATIONS HAVE NOT SEEN THE DIP IN CYBERATTACKS THAT YOU WOULD EXPECT, AS MORE HAD EXPERIENCED OVER 1,000 ATTACKS IN 2018 THAN IN 2017, ACCORDING TO THE FINDINGS OF AN FOI REQUEST CONDUCTED BY SOLARWINDS. SASCHA GIESE, HEAD GEEK AT SOLARWINDS, TALKS THROUGH THE KEY FINDINGS FROM THE SURVEY AND IDENTIFIES HOW THE PUBLIC SECTOR CAN MANAGE THE EVER- INCREASING CYBERSECURITY CHALLENGE IN THREE POINTS. Building the foundations to support every cybersecurity strategy P ublic sector organisations are now working to meet the new standards released last year by the National Cyber Security Centre. The Minimum Cyber Security Standard defines the minimum security measures organisations and agencies must implement with regards to protecting information, technology and digital services. With the standard marking its one-year anniversary this summer, it’s good for UK government departments and public sector organisations to evaluate their progress in meeting this standard, what challenges they’re facing and what priorities they still need to monitor. This is the first technical standard issued and is designed to continually ‘raise the bar’ and address new threats or classes 18 of vulnerabilities that can cause chaos for organisations and constituents alike. Awareness doesn’t equate to action In a recent FOI request, 98% of respondents from central government and NHS organisations noted they’re aware of the Minimum Cyber Security Standard, which is positive. However, this awareness doesn’t seem to correlate with as much of an anticipated dip in cyberattacks. While the overall percentage of public sector respondents who experienced a cyberattack in 2018, compared to 2017, decreased (38% experienced no cyberattacks in 2018, while 30% experienced none in 2017), more organisations experienced over 1,000 cyberattacks – 18% in 2018 compared to 14% in 2017. Similarly, there could be another risk that the standard will only be seen as a collection of checkboxes to tick, without Issue 17 | www.intelligentciso.com