Guide to the UK government cyber essentials scheme
by Edwin Bentley - Senior Software Developer at Titania - Thursday, 1 May 2014.
International affairs think-tank Atlantic Council in association with Zurich Insurance Group released recently a report which warns of parallels between the global cyber scene and the financial meltdown from 2008. It argues that Ďon the internet, it has been easier to attack than to defendí because the internet was founded on trust, not security. However, as the internet became increasingly complex, highly interconnected and widely available the risks escalated rapidly.

The report ends with best practice recommendations resonating with the ones found in the Cyber Essentials program. As it stands the UK does not have any cyber security certification, no reference point to measure against and no single agreed guidance to look up to. The Cyber Scheme initiative is the first step to a one-for-all policy, with the only hope that it will not turn to represent yet another compliance headache for SMEs, but an actual support line for the business sector.

CREST, working with CESG the information security branch of GCHQ has developed an assessment framework which is now available for consultation. The full scheme along with the assessment framework and the accreditation badge will be available in summer 2014.


VPN protocol flaw allows attackers to discover users' true IP address

The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited to reveal the real IP address of users.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Dec 1st