New Analysis by Zscaler of 1500 corporate networks found exposed servers, ports and cloud services in the hundreds of thousands. The research also found over 200,000 unpatched common vulnerabilities and exposures (CVEs), of which almost half were classed as “Critical” or “High” severity.
The expansion in use of cloud services to support working outside of the usual corporate networks, as a result of the coronavirus pandemic, has given cyber criminals an increased attack surface. Unpatched vulnerabilities and unsecured networks can be exploited by malicious users for identity theft, data theft, ransomware or other malware activities.
The NCSC has produced guidance to help organisations better understand securely setting up homeworking and moving businesses online from a physical environment. We also always recommend making sure that your data is backed up and crucially that security patches are applied as soon as is practicable. Advice on assessing and prioritising vulnerabilities may help with your patching regime.
More than 700 data breaches reported by councils in 2020
It has been reported this week that more than 700 councils in the UK reported data breaches in 2020.
The findings, which follow a freedom of information request, highlight the incidents reported to the Information Commissioner’s Office (ICO) and the importance of cyber security for councils across the UK.
Issues highlighted within the report involved ransomware, human error and a lack of funding.
The report, published by RedScan, stresses the importance of a strong cyber security approach with an emphasis on staff training to defend councils against various forms of cyber attack.
The NCSC has published plenty of guidance which can help organisations improve their cyber security:
- 10 steps to cyber security
- Cyber security guidance for boards
- Phishing attacks: defending your organisation
- Mitigating malware and ransomware attack
Guidance for individuals and families who may have been affected by data breaches has also been published. People can follow our advice to lessen the impact of a breach by taking various recommended steps.