UK cyber crime body urges business to prepare for long haul over Russian conflict

Cyber security experts today urged UK organisations to prepare for an extended period of heightened threat in relation to the Russia-Ukraine conflict as they published new guidance aimed at supporting staff resilience.

Cyber security experts have urged UK organisations to prepare for an extended period of heightened threat in relation to the Russia-Ukraine conflict as they published new guidance aimed at supporting staff resilience.

The guidance from the National Cyber Security Centre (NCSC) – a part of GCHQ – is the latest in a series of interventions which began in January with advice to help organisations bolster their cyber defences in response to the developing situation in and around Ukraine.

It sets out eight steps for sustaining a strengthened posture when systems, processes and the workforce remain under pressure, focusing on staff welfare as a direct contributor to maintaining an organisation’s resilience.

The NCSC assesses the cyber threat to the UK as a result of the conflict remains heightened and organisations are urged to not let their guard down and to consult the new guidance to prepare for longer-term resilience.

Paul Maddinson, NCSC Director for National Resilience and Strategy, said: “From the start of the conflict in Ukraine, we have been asking organisations to strengthen their cyber defences to help keep the UK secure, and many have done so.

“But it’s now clear that we’re in this for the long haul and it’s vital that organisations support their staff through this demanding period of heightened cyber threat.

“We have produced new guidance to help organisations do this, and I would encourage them to follow our advice to help sustain their strengthened cyber posture.”

The guidance is designed to be applicable to any period of sustained heightened cyber threat, including the one arising from events in and around Ukraine. A blog post, published today, sets out how the advice relates to the current geopolitical situation.

It advises that increased workloads for cyber security staff over an extended period can harm wellbeing and lead to lower productivity, with a potential rise in unsafe behaviours or errors.