Home Working Cyber Security Toolkit

The British cyber security agency have created a tool to practice being cyber attacked and businesses are being urged to help keep their home working staff safe from cyber-attacks by testing their defences in a roleplay exercise devised by the National Cyber Security Centre (NCSC). 

The new exercise is part of a series in the agency’s Exercise in a Box toolkit, which is an online tool designed for helping organisations to understand how resilient they are to cyber-attacks and also for practicing their response in a safe environment.

The ‘Home and Remote Working’ exercise is the latest addition to the NCSC’s highly successful ‘Exercise in a Box’ toolkit, which helps businesses (notably SMEs) carry out drills in preparation for actual cyber-attacks. It has been launched as people continue to work from home in an attempt to stop the spread of coronavirus, often doing so over personal internet connections and computers. The tool allows people to test their defences by roleplaying the experience of being hit by a cyber-attack. 

It comes as millions of workers continue to work from home during the coronavirus pandemic, and has been designed to help workers reduce the risk of data compromises while working away from the office.

The exercise focuses on three key areas, teaching staff how they can safely access networks from home, which services might be needed for secure collaboration and what processes need to be in place to manage a cyber-attack remotely.
The NCSC has previously published guidance on safe home working during the pandemic, including tips on securely setting up video conferencing software.

The new online roleplay is the latest in the existing Exercise in a Box toolkit aimed at businesses wanting to test their cyber security.

Sarah Lyons, NCSC deputy director for economy and society engagement, said: "We know that businesses want to do all they can to keep themselves and their staff safe while home working continues, and using Exercise in a Box is an excellent way to do that. "While cyber security can feel daunting, it doesn't have to be, and the feedback we have had from our exercises is that they're fun as well as informative....  I would urge business leaders to treat Exercise in a Box in the same way they do their regular fire drills - doing so will help reduce the chances of falling victim to future cyber-attacks." 

The NCSC is the UK’s lead technical authority on cyber security and offers unrivalled real-time threat analysis, defence against national cyber-attacks and tailored advice to victims when incidents do happen.

NCSC:       Independent:      FS Matters:      Government Computiing

You Might Also Read: 

Easing Out Of Lockdown: Why Should Cyber Security Remain High On The Agenda?:

 

 

« US National Cyber Defense Policy
Vital Necessity Of Cloud Computing Highlights Security Risks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: How to build and implement an effective endpoint detection and response strategy

ON-DEMAND WEBINAR: How to build and implement an effective endpoint detection and response strategy

Discover how you can implement endpoint detection and response (EDR) tools into your security strategy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Indelible Data

Indelible Data

Indelible Data is an established information security and technology consultancy and a Cyber Essentials Certification Body.

Sapphire

Sapphire

Sapphire deliver flexible and scalable cybersecurity solutions, helping organisations to detect, protect, respond and remediate against cyber threats.

CloudCheckr

CloudCheckr

CloudCheckr is a next-gen cloud management platform that unifies Security & Compliance, Inventory & Utilization and Cost Management.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

Advanced Systems International SAC

Advanced Systems International SAC

Advanced Systems international is a global company dedicated to data security software design, development, support, and licensing.

Specops Software

Specops Software

Specops Software is a leading password management and authentication solution vendor.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

Business Hive Vilnius (BHV)

Business Hive Vilnius (BHV)

BHV is one of the oldest startup incubator and technology hubs in the Baltics, primarily focused on hardware, security, blockchain, AI, fintech and enterprise software.

tru.ID

tru.ID

We’re tru.ID, and we're reimagining mobile authentication, one API at a time.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

Netox

Netox

Netox is a comprehensive IT service provider that combines IT support services, IT solutions and specialist services; specializing in cybersecurity solutions.

Aeries Technology

Aeries Technology

Aeries is a technology services organization offering capabilities in Technology Services, Digital Transformation, and Business Process Management.

Cyber Suraksa

Cyber Suraksa

We make security simple and hassle-free by offering a sustained and secure IT environment with next-gen cybersecurity solutions through a scalable security-as-a-service model.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

Deepware

Deepware

Deepware is an emerging AI research company dedicated to exploring the potential of GenAI in both generation and detection.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.