A new penetration testing module as part of the National Cyber Security Centre’s Exercise in a Box toolkit will help remote workers of SME’s to improve their cybersecurity.
What Is ‘Exercise In A Box’ ?
‘Exercise in a Box’ is an online tool from the NCSC which helps organisations find out how resilient they are to cyber-attacks and to practise their response in a safe environment. Exercise in a Box is a completely free service and provides exercises, based around the main cyber threats, enabling small and medium-sized businesses to carry out drills in preparation for real cyber-attacks.
New Module – Remote Working
The newest module of Exercise in a Box to be launched as an addition is the existing package of penetration testing exercises is the Home and Remote Working exercise. The module has been designed to support remote working during the coronavirus pandemic and complements other products from the NCSC such as advice on working from home and securely setting up video conferencing.
What’s In It?
The Home and Remote Working exercise, which is aimed at helping SMEs to reduce the risk of compromised data while employees are working remotely focuses on three key areas, which are:
The exercises involved include scenarios based around ransomware attacks, losing devices and a cyber-attack simulator which imitates a threat actor targeting operations to test an organisation’s cyber resilience.
As part of the exercises, staff members are given prompts for discussion about the processes and technical knowledge needed to enhance their cybersecurity practices. At the end of the exercise, an evaluative summary is created, which outlines the next steps and points to NCSC guidance.
To find out more about and to registers for ‘Exercise in a Box’ visit this page: https://www.ncsc.gov.uk/information/exercise-in-a-box
What Does This Mean For Your Business?
Businesses want to do all they can to keep themselves and their staff safe while home working continues. This new exercise from NCSC, part of GCHQ, will enable SMEs to have a free, engaging, easy and effective way to make sure that remote workers understand how to work in a secure way, thereby protecting themselves and the business from cyber-attacks.