In line with guidance being provided to other UK governmental agencies and departments, the SPPA is highlighting a need to increase cyber security resilience in response to potential malicious incidents related to tensions in Ukraine.  We are reaching out to our suppliers and raising awareness on our external channels using the following message:

Our colleagues at the National Cyber Security Centre (NCSC), the UK’s technical authority on cyber security, have issued guidance for organisations on the steps they need to take to bolster the UK’s resilience against the heightened risk of malicious cyber incidents in and around Ukraine. We know many organisations and businesses in the UK have well laid out plans and good cyber security measures in place. However due to the nature of online global networks, attacks that occur overseas could have an impact on UK institutions, services and systems. This is why organisations and businesses are being urged to take action now.

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, the guidance encourages organisations to follow actionable steps that reduce the risk of being impacted by cyber attacks, including:

  • patching systems; 
  • improving access controls and enabling multi-factor authentication; 
  • implementing an effective incident response plan; 
  • checking that backups and restore mechanisms are working; 
  • ensuring that online defences are working as expected, and; 
  • keeping up to date with the latest threat and mitigation information. 

For further information visit: https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber-threat-is-heightened where you will find the relevant advice, actions and resources.