How Cyber Essentials Plus can help with your business’s cybersecurity

Cybersecurity threats continue to evolve, with ransomware attacks, zero-day vulnerabilities, and supply chain attacks posing significant risks to organizations. To address these threats, organizations can adopt a manageable security framework like Cyber Essentials Plus (CE+). In this article, we will explore how CE+ can help mitigate these three key cybersecurity challenges, providing insights into its principles and best practices for enhanced protection.

Cybersecurity threats are constantly evolving, challenging organizations to adopt robust security measures to protect their data, systems, and operations. Three major threats that have gained notoriety in recent years are ransomware attacks, zero-day vulnerabilities, and supply chain attacks. CE+, a recognized cybersecurity framework, offers a structured approach to address these challenges effectively.

CE+ is an extension of the Cyber Essentials (CE) scheme developed by the UK Government’s National Cyber Security Centre (NCSC) to help organizations of all sizes improve their cybersecurity posture and reduce their threat profile. It provides a set of fundamental security controls and practices to protect against common cyber threats. These controls cover areas such as firewalls, secure configuration, access control, malware protection, and patch management.[1] [2]

Mitigating Ransomware Attacks

Ransomware attacks involve encrypting an organization's data and demanding a ransom for its release. Cyber Essentials Plus can help mitigate these attacks in several ways:

1. Secure Configuration: Implementing secure configurations for all devices and systems helps reduce vulnerabilities that ransomware may exploit.

2. Access Control: Ensuring proper access controls and user authentication mechanisms can limit unauthorized access and reduce the risk of ransomware infiltration.

3. Patch Management: Regularly updating and patching software and systems helps address known vulnerabilities that ransomware actors might exploit.

4. Backups: Secured, regularly scheduled and tested backups ensure data integrity and availability in the event of data loss. system failures or ransomware attacks.

5. Network segmentation: Helps to prevent ransomware attacks by isolating and compartmentalizing network segments, limiting the lateral movement of ransomware within the network and reducing the potential impact of an attack.

Mitigating Zero-Day Vulnerabilities

Zero-day vulnerabilities are software vulnerabilities that have no known patches or fixes at the time of discovery. Cyber Essentials Plus can help organizations address these vulnerabilities through:

1. Allow Listing: Implementing application allow listing can restrict the execution of unauthorized software, reducing the potential for exploiting unknown vulnerabilities.

2. Patch Management: A proactive patch management strategy, including monitoring for emerging patches, can help organizations respond swiftly to zero-day vulnerabilities when patches become available.

3. User Training: Educating users about the risks of downloading and executing unverified software can help reduce the likelihood of zero-day exploitation.

Mitigating Supply Chain Attacks

Supply chain attacks involve compromising a trusted third-party vendor to infiltrate an organization's systems. CE+ can strengthen supply chain security by:

1. Supplier Security: Enforcing security requirements on suppliers and conducting regular security assessments can help identify and mitigate potential risks within the supply chain. Writing a requirement for CE+ certification into your organizations Master Services Agreement (MSA) would assist in enforcing supplier security.

2. Secure Configuration: Ensuring all components of the supply chain adhere to secure configurations can reduce the attack surface and vulnerabilities.

3. Continuous Monitoring: Implementing continuous monitoring and threat detection mechanisms can help identify suspicious activity or compromises within the supply chain.

Conclusion

In the ever-evolving threat landscape, organizations need a proactive and structured approach to cybersecurity. CE+ offers a valuable framework for addressing common threats, including ransomware attacks, zero-day vulnerabilities, and supply chain attacks. By implementing the recommended controls and best practices, organizations can enhance their security posture and reduce their exposure to these critical threats.

While CE+ is an effective tool, organizations must also stay vigilant, keep their systems and software up to date, and adapt to emerging threats to maintain robust cybersecurity defences. Combining this framework with continuous monitoring and incident response capabilities will further strengthen an organization's resilience against evolving cyber threats.

Richard Starnes

CISO, Six Degrees

Chair, Advisory Board, Cyber Resilience Centre for London