How Foundational Controls Can Be Used to Help Fight Back Against Digital Security Challenges

On 26 March, the UK government unveiled its Cyber Security Export Strategy. The Department for International Trade (DIT) created this strategy to help the United Kingdom capitalize on the world’s ever-evolving digital security market.

In essence, the document lays the groundwork for deeper collaboration between the DIT and UK firms to export digital security products and services to other countries, including less mature “cyber” economies where buyers might still be unsure about how to best protect their digital assets.

Through the Cyber Security Export Strategy, the government hopes UK firms will be able to help foreign governments and private organizations with their digital security needs. Success with those international entities would not only elevate the reputation of UK companies in the digital security industry. It would also advance the United Kingdom’s mission to become one of the safest and most secure places to do business.

While the Strategy seeks to help other governments with their digital security needs, the UK government has yet to take any equivalent action that strengthens its own public sector’s defenses. That’s not to say the need isn’t there, however.

As reported by Public Sector Executive, UK organizations under government control lack adequate budget, resources and trained personnel to protect against digital threats. Together, these constraints prevent organizations from moving away from legacy platforms, investing the necessary time to achieve Cyber Essentials certification and achieving compliance with regulation frameworks.

They also hamper enterprises’ ability to build a security culture and deepen their workforce’s security hygiene, resources which are key in the fight against incidents like the May 2017 WannaCry outbreak.

Given these findings and challenges, it’s not surprising to learn British company Advanced found that 23 percent of UK public sector companies feel unprepared for a digital attack. Another study conducted by digital workplace provider (Read more...)