Letters: It’s not me, it’s U-kraine
[Re: Ukraine: UK calls on European allies to put more pressure on Russia, Jan 28)
On Friday, the UK’s National Cyber Security Centre (NCSC) advised companies to bolster their defences amid fears cyber-attacks linked to tensions in Ukraine could spill outside of its borders.
This was a welcome intervention on a very real threat. The cyber challenges represented by nation-state actors are different and often use highly sophisticated covert tactics, including attacks on supply chain providers and critical service provider platforms.
However, discussion of the threats highlighted by the NCSC often still overlook the risks specifically posed by cloud services. With more UK organisations relying on cloud providers for their infrastructure, application and data-processing services, organisations must not neglect improvements in cloud security. And the threat is not limited to state actors: a recent Netskope study found that the cloud is now the primary attack surface, with 66 per cent of all malware downloads originating from cloud apps vs. traditional websites.
The Government’s Cyber Security Strategy does address cloud and outlines three actions that should be the starting point for any organisations that want to bolster their defences.
At a time of growing threats, it’s critical that every organisation understands that cloud must be a key part of any robust security strategy.
Neil Thacker