What can businesses learn from GovAssure?

The UK government recently introduced GovAssure, a new series of cybersecurity measures to tackle the ever-evolving threat landscape and better protect its IT systems.

These systems power critical public services so keeping them online is essential, and these new measures can function as an example for businesses to follow.

The advice of regulators, such as the National Cyber Security Centre, as well as initiatives put in place by the government are important reference points for organisations across all sectors when forming their cyber strategies, especially during periods of heightened threat.

So, what is GovAssure and what can businesses learn from it?

Unpacking GovAssure

The new measures aim to improve cyber resilience and protect government departments and critical UK national infrastructure from inbound cyber threats, building on the Government Cyber Security Strategy launched in January 2022.

The measures will see the government conduct a major review of all the IT systems from all its departments and several connected bodies under stringent requirements, to analyse the current effectiveness of its security systems.

Businesses should follow in the footsteps of GovAssure at this simple first stage and review their own IT systems and cybersecurity measures to ensure they are up to date, working effectively and can combat cyber threats.

Research from Absolute Software’s 2023 Resilience Index, adapted from millions of surveyed endpoint devices, shows that over a quarter of enterprise devices had unhealthy security controls including Endpoint Protection Platforms, Endpoint Detection and Response, anti-virus, and more.

Unhealthy security controls are fostering a false sense of security among businesses when these systems may either be functioning sub-optimally or not at all.

Under the new measures the government is introducing an annual audit of cyber health for all government departments, with third-party assessments being used to validate results. The new annual reviews will accompany the imposition of the NCSC’s Cyber Assessment Framework (CAF) to evaluate assurance measures put in place across government departments and establish best security practices.

This model of consistent review and monitoring of cyber systems is an important area that businesses should follow to ensure technology and protocols are working as expected, and crucially helping to prevent inbound threats.

Heightened threat

The NCSC’s formal warning of a new wave of incoming cyber-attacks has set the scene of heightened threat in the UK, presenting a greater challenge for security teams who are managing a diverse and widely distributed set of endpoint devices.

Business and government devices are accessing networks from an increasing number of locations, with Absolute’s research indicating a 15% rise in device locations over the past year.

This increases the risk exposure for organisations with devices often accessing company systems and data from unsecured home or public networks, allowing malicious actors to gain entry, especially if devices are operating with unhealthy security controls.

Centralised security teams are already facing challenges in managing and securing hybrid workforces in today’s work from anywhere world. With new types of threats, such as that outlined by the NCSC, constantly on the horizon, it is crucial that GovAssure and businesses have cyber policies tailored to the remote working world to effectively protect against them.

This requires resilient devices with up-to-date patching, greater visibility over devices and applications, and remote access controls to prevent entire networks from being compromised.

Prevention & recovery

Stress testing against cyber risks is especially important during periods of heightened threat, and prevention should be a central focus of an organisation’s resilient cyber policy. Cyber-attacks are a case of when, not if, so it is vital that businesses are prepared to combat incoming threats.

Visibility over a device fleet is important for centralised IT teams to monitor the status of their organisation’s network. Deploying a resilient Zero Trust policy, for example, is an effective way to provide IT teams with greater visibility as they can be alerted to suspicious device or application activity.

If a device logs on from an unfamiliar venue than one of its usual four locations, a centralised IT team can be alerted to monitor the specific device, and can be provided with the option, through remote access, to freeze or shut off a device to prevent a breach spreading.

For businesses, the crucial aspect of a Zero Trust policy being resilient is that devices aren’t immediately shut-off and staff aren’t locked out, hindering productivity in unnecessary situations.

But while prevention is the most desirable outcome, it is also advised that businesses prepare response and recovery protocols for when a successful attack occurs.

The greatest barrier of cyber-attacks is the downtime organisations can face, so leveraging self-healing technology to repair and recover devices and networks while restoring their security systems can help businesses to stay online while also reducing the risk of re-infection.

GovAssure serves as a timely reminder for organisations to re-evaluate not only the health of their security systems but also their overall cyber strategies. Whether it be staff training, technology or protocols, being prepared for all outcomes can help businesses to stay resilient.