Anticipate, adapt, repeat: the importance of adaptive cyber defence

15th January 2021


David Carroll
MD NTX Cyber

2020 will go down in history as the year when remote working came of age – few could have predicted that when turning the calendar over last January. The latest figures available from ONS showed that in April – peak pandemic – 46.6% of people in the UK did some work from home, 86% of these due to coronavirus. Unsurprisingly, there were regional variations, with percentages highest in London where over half of people were working from their living rooms, kitchens and spare bedrooms.

The shift was initially a necessity in response to the crisis, whereas it’s now viewed as something to be encouraged wherever possible; remote working creates new possibilities for employers and employees alike. However, the shift to home-working has presented challenges for cyber security professionals who were forced to quickly adapt and to re-assess risk. How can they protect staff and data when everyone is working remotely, far removed from secure office networks and systems? And how can they stay ahead of agile cyber criminals expert at exploiting events, as witnessed by the increase in ransomware attacks – many of them Covid-related – in the days following lockdown.

The National Cyber Security Centre reacted quickly to the challenges that coronavirus presented to the cyber defence of the nation. The recent NCSC Annual Review 2020 details their actions and demonstrates how security and protections have been boosted for key institutions and public bodies over the past year. For example, elements of the Active Cyber Defence programme – including the PDNS, which is delivered by Nominet on behalf of the NCSC – were made available to many more organisations in the past year, including over 200 front-line public health bodies.

The Protective Domain Name Service (PDNS) helps to protect public services networks by preventing access to malicious domains and restricting malware communications on compromised networks. It is a significant contributor to the defence of public services and has played a key role this year as the UK faced an influx of ransomware attacks.

Its initial incarnation was focused on protecting staff when they were connected to the enterprise network via a VPN or when in the office. Suddenly most of us weren’t. Without a fixed IP address, staff needed another option for accessing the protections of the PDNS – PDNS Digital Roaming has been the answer.

This app was launched in September to all those currently eligible to use the PDNS. By installing it on their device, staff can ensure that their DNS traffic is being directed to the PDNS and is thus protected by this innovative service.

These are unprecedented times. Bold steps such as this are necessary to protect the infrastructure of our society; protecting key public institutions, such as the NHS, protects all of us. As news of multiple vaccines dominates headlines, the health service and associated organisations will become an even larger target as criminals desperately seek to exploit systems and access data. Solutions like the PDNS help to secure the critical infrastructure that our nation relies on, the organisations that house our most personal records, and the institutions that we turn to in our hours of most need.

Keeping critical services secure has never been so important. As we position our country as a global digital leader for the future, it will be important to devise solutions that are adaptable as well as highly resilient and secure.

Find out more about PDNS Digital Roaming on the NCSC website.