Home Working Cyber Security Toolkit

The British cyber security agency have created a tool to practice being cyber attacked and businesses are being urged to help keep their home working staff safe from cyber-attacks by testing their defences in a roleplay exercise devised by the National Cyber Security Centre (NCSC). 

The new exercise is part of a series in the agency’s Exercise in a Box toolkit, which is an online tool designed for helping organisations to understand how resilient they are to cyber-attacks and also for practicing their response in a safe environment.

The ‘Home and Remote Working’ exercise is the latest addition to the NCSC’s highly successful ‘Exercise in a Box’ toolkit, which helps businesses (notably SMEs) carry out drills in preparation for actual cyber-attacks. It has been launched as people continue to work from home in an attempt to stop the spread of coronavirus, often doing so over personal internet connections and computers. The tool allows people to test their defences by roleplaying the experience of being hit by a cyber-attack. 

It comes as millions of workers continue to work from home during the coronavirus pandemic, and has been designed to help workers reduce the risk of data compromises while working away from the office.

The exercise focuses on three key areas, teaching staff how they can safely access networks from home, which services might be needed for secure collaboration and what processes need to be in place to manage a cyber-attack remotely.
The NCSC has previously published guidance on safe home working during the pandemic, including tips on securely setting up video conferencing software.

The new online roleplay is the latest in the existing Exercise in a Box toolkit aimed at businesses wanting to test their cyber security.

Sarah Lyons, NCSC deputy director for economy and society engagement, said: "We know that businesses want to do all they can to keep themselves and their staff safe while home working continues, and using Exercise in a Box is an excellent way to do that. "While cyber security can feel daunting, it doesn't have to be, and the feedback we have had from our exercises is that they're fun as well as informative....  I would urge business leaders to treat Exercise in a Box in the same way they do their regular fire drills - doing so will help reduce the chances of falling victim to future cyber-attacks." 

The NCSC is the UK’s lead technical authority on cyber security and offers unrivalled real-time threat analysis, defence against national cyber-attacks and tailored advice to victims when incidents do happen.

NCSC:       Independent:      FS Matters:      Government Computiing

You Might Also Read: 

Easing Out Of Lockdown: Why Should Cyber Security Remain High On The Agenda?:

 

 

« US National Cyber Defense Policy
Vital Necessity Of Cloud Computing Highlights Security Risks »

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Tenable Network Security

Tenable Network Security

Tenable Network Security - Don't rely only on CVSS to prioritize. Use machine learning to predict what is most likely to be exploited.

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

Thursday, August 20, 2020 - Join SANS and AWS Marketplace to learn the exercise of applying MITRE’s ATT&CK Matrix to the AWS Cloud and how to enhance threat detection and hunting in an AWS environment

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 4,000+ specialist service providers.

Naked Security

Naked Security

Naked Security is a blog where Sophos Security expert Chet Wisniewski shares advice and insights into online threats

Flexiant

Flexiant

Flexiant is the leading European provider of cloud management & cloud orchestration software.

National Information Security Group (NAISG)

National Information Security Group (NAISG)

NAISG is a non-profit organization that promotes awareness and education of information security through the support of local and regional chapters.

Industrial Cyber-Physical Systems Center (iCyPhy)

Industrial Cyber-Physical Systems Center (iCyPhy)

The goal of iCyPhy is to conduct pre-competitive research on architectures and design, modeling, and analysis techniques for cyber-physical systems.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

Symantec Ventures

Symantec Ventures

Symantec Ventures is an active, strategic partner at key stages of a startup’s growth. We are dedicated to helping visionary entrepreneurs protect the Cloud Generation.

Titans24

Titans24

Titans24 is a Software-as-a-Service security platform for web applications. It prevents attacks on business websites that are protected under 11 cyber-security layers.

NDK InfoSec

NDK InfoSec

NDK InfoSec is a specialist Information Security and Cyber Security search firm. We're not just a security function in a larger generalist recruitment company.