Earlier this year, in response to the conflict between Russia and Ukraine, NCSC urged organisations to focus on heightening their cyber security programme. Since the beginning of the conflict, there has been an increase in cyber activity in Ukraine. Therefore it's more important than ever that you have the necessary protocols in place to protect your organisation against a cyber attack. The National Cyber Security Centre has recently published their guidance on ‘Maintaining a sustainable strengthened cyber security posture’,

as they appreciate the strain that their recommendations can and have put on organisations and their workforce, resources and processes. This article will look at the guidance and discuss the areas that it suggests organisations can look at to maintain a sufficient cyber security posture in the long term.

According to the NCSC, the aim of the guidance is to explain “how to maintain a strengthened cyber posture in a sustainable and efficient way, whilst prioritising staff wellbeing.” They then go on to say that  “looking after your staff is not only important from an HR perspective - it also directly contributes towards maintaining an organisation’s security and resilience.” During periods where the cyber threat is heightened for an extended period, organisations may experience a certain amount of time where they need to strengthen their defences and assess and correct weaknesses. After this, organisations should be prepared to maintain this new high level of resilience to match the increased risk due, for example, a conflict. 

 How could organisations be affected?

Needing to strengthen your cyber security defences for a sustained period inevitably increases the workload for cyber security staff, which can lead to burnout and increased levels of stress, with some organisations already having staff quit due to stress as a result of the increased workload due to the Russia-Ukraine conflict. As well as stress and burnout, the higher workload can also lead to lower productivity and more mistakes. The NCSC highlights numerous steps that your organisation can take to sustain its heightened cyber security posture. 

Get the Basics Right

Firstly, ensuring that your basic hygiene controls are in place and working correctly is vital. Even if there are no successful cyber attacks against you, it’s important that your detection systems are working due to the fact that this might not be as a result of a lower risk, it could be because your defence systems are working as they should. 

Revisit your risk-based defences

As time goes on, the risk level should be constantly monitored so that you are responding accordingly. You may find that your initial threat level has increased, meaning that the security protocols you put in place need to be looked at and changed to match the increased threat. This is vital to ensure your defences are constantly implemented in an efficient way for the long term.

Improve long term cyber resilience

An extended period of heightened cyber threat may reflect long-term shifts in adversary capability or intent and so you may need to strengthen your cyber security and resilience on a permanent basis. Accelerating planned action to harden networks and improve resilience capabilities will relieve pressure on your workforce over the long-term. 

Empower staff to make decisions

During times of heightened cyber threats, there may need to be additional oversight in place to ensure that the correct decisions are being made. This can result in extra pressures on cyber teams however, so a better way of tackling decision making may be to delegate the day-to-day decision making to appropriate team members, so more senior team members can deal with medium term decisions and issues. This could also help your organisation have a more agile response, as team members on the ‘frontline’ can make experience based decisions quicker.

Spread workloads evenly

It’s vital that as there is more work to be done, that the work is spread evenly across your team in a fair way to prevent burnout, and maximise the amount of work that is completed. Doing this also provides team members with new skills as they combat these tasks, resulting in a more competent and experienced workforce going forward. Organisations should also be prepared to add additional staff should they find it necessary.

Look after each other

As staff work on combating the cyber threat, they may see harmful or distressing content, difficult decisions and be exposed to high-pressure situations. This could negatively affect their wellbeing. It’s therefore important that you look out for signs amongst your workforce of struggle, and ensure that staff have the necessary tools and resources to respond and seek support. 

Engage the entire workforce

The NCSC guidance mainly focuses on the workforce dealing directly with cyber, but the whole workforce has a role to play in keeping your organisations protected against attacks. With the need to be acting quickly to respond to the threat, communication across the organisation needs to be consistent and clear, as a lack of this can result in lower productivity levels.

Ultimately, there are various ways in which organisations can ensure that their cyber security response plan stays at a sufficient level across a longer period of time, some that may be obvious, and some that are not as obvious. It’s clear though that for organisations to have a cyber posture that is good enough, the whole workforce should work together to ensure the most that can be done is being done to combat times of increased cyber threat levels. For more information and guidance documents, please visit the NCSC website.