{"id":35723,"date":"2022-05-10T05:00:00","date_gmt":"2022-05-10T05:00:00","guid":{"rendered":"http:\/\/cloudnewshub.com\/archives\/35723"},"modified":"2022-05-10T05:00:00","modified_gmt":"2022-05-10T05:00:00","slug":"cyberuk-22-ncsc-refreshes-cloud-security-guidance","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=35723","title":{"rendered":"CyberUK 22: NCSC refreshes cloud security guidance"},"content":{"rendered":"<div><img decoding=\"async\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2022\/05\/cyberuk-22-ncsc-refreshes-cloud-security-guidance.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>The UK\u2019s <a href=\"https:\/\/www.ncsc.gov.uk\/\" target=\"_blank\" rel=\"noopener noreferrer\">National Cyber Security Centre<\/a> (NCSC) has published a refreshed set of guidelines to support organisations in migrating their online services and sensitive data into the cloud, setting out the groundwork for what it describes as a \u201cmore adaptable approach\u201d to assure technology.<\/p>\n<p>Dating back nearly 10 years, although it has been reviewed and revised in that time, <a href=\"https:\/\/www.ncsc.gov.uk\/collection\/cloud-security\">the Cloud Security Guidance<\/a>, at its core, is designed to help buyers determine how confident they can be that a cloud service is secure enough to handle their data through a framework that is built around 14 cloud security principles.<\/p>\n<p>Launched on the opening day of its annual <a href=\"https:\/\/www.cyberuk.uk\/website\/7174\/\">CyberUK conference in Wales<\/a>, the guidance is aimed at organisations of any size from across the public and private sectors, reflecting the growing number of businesses and bodies utilising the benefits of cloud to streamline their operations. To this end, it has been specifically designed to be as accessible as possible \u2013 it now includes two frameworks to enable everybody from small businesses to the very largest enterprises to adopt cloud services in confidence.<\/p>\n<p>\u201cThe cloud plays an increasingly vital role in the functioning of online services across the UK, and this trend will continue into the future,\u201d said Paul Maddinson, director of national resilience and strategy at the NCSC.<\/p>\n<p>\u201cOur refreshed Cloud Security Guidance has the philosophy of <a href=\"https:\/\/www.techtarget.com\/whatis\/definition\/security-by-design\">security by design<\/a> at its heart, meaning that organisations can have confidence when choosing a provider. I\u2019d strongly encourage network defenders at organisations of all sizes to make use of the actionable advice set out in our refreshed Cloud Security Guidance.\u201d<\/p>\n<p>Reflecting a growing awareness of issues affecting <a href=\"https:\/\/www.computerweekly.com\/ehandbook\/The-CISOs-guide-to-supply-chain-security\">supply chain security<\/a> \u2013 which takes on a heightened urgency when applied to providers of public cloud services \u2013 it also now emphasises how critical it is for buyers to thoroughly vet and assess their potential suppliers to reduce the risk of their data being lost or stolen.<\/p>\n<p>It also adheres to a newly published, principles-based technology assurance approach, which according to the NCSC enables thorough consideration of how technologies or systems can keep themselves, and the other systems (and humans) that rely on them, safe from the threats they are likely to encounter during their lifespan.<\/p>\n<p>Chris Hayman, director of UK public sector at Amazon Web Services (AWS), commented: \u201cOrganisations are using cloud computing for ever more diverse and mission-sensitive use cases, and we\u2019re pleased to see the NCSC\u2019s updated guidance reflect that.<\/p>\n<p>\u201cThe NCSC is a world leader in the development of advice and guidance on the security benefits of cloud, and we look forward to continuing our work with them to support their mission to help make the UK the safest place to live and work online.<\/p>\n<p>\u201cSecurity matters to everyone and, for our part, we will continue to innovate and help raise the security bar for everyone,\u201d said Hayman.<\/p>\n<p>Meanwhile, the ongoing CyberUK 2022 conference supports <a href=\"https:\/\/www.computerweekly.com\/opinion\/A-whole-of-society-approach-to-cyber-may-be-on-the-horizon\">the so-called \u201cwhole-of-society\u201d approach<\/a> to the UK\u2019s national cyber security posture, in train with the aims of the government\u2019s <a href=\"https:\/\/www.computerweekly.com\/opinion\/National-Cyber-Strategy-will-enhance-UKs-cyber-power-status\">National Cyber Strategy<\/a>.<\/p>\n<p>The event includes various panels, sessions and interactive workshops, many <a href=\"https:\/\/www.youtube.com\/channel\/UCyAPLAtCSeL1s85YMY8ULnw?app=desktop&amp;cbrd=1\">streamed live on the NCSC\u2019s YouTube channel<\/a>, with key topics this year inevitably including the global cyber security community\u2019s response to the war in Ukraine and the potential threat that Russia\u2019s invasion poses to organisations in the UK.<\/p>\n<p>The conference also hosts the Cyber Den competition, which sees emerging security companies pitch their solutions to various security challenges to the NCSC\u2019s panel of dragons, with the winner receiving a year\u2019s worth of bespoke support and assistance to develop their product or service further.<\/p>\n<p>The full CyberUK 2022 programme <a href=\"https:\/\/www.cyberuk.uk\/website\/7174\/cyberuk2022programme\/\">can be found here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The UK\u2019s National Cyber Security Centre (NCSC) has published a refreshed set of guidelines to support organisations in migrating their online services and sensitive data into the cloud, setting out the groundwork for what it describes as a \u201cmore adaptable approach\u201d to assure technology. Dating back nearly 10 years, although it has been reviewed and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35724,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-35723","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/35723","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=35723"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/35723\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/35724"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=35723"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=35723"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=35723"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}