Our thoughts on the NCSC Annual Review

The NCSCs Annual Review is a great resource that all UK businesses should take note of. We’ve highlighted some of the headline stats and takeaways from the recently released 2023 report below: 

  • The NCSC received 2,005 reports of cyber incidents, an increase of almost 64% from last year’s 1,226. Of these, 62 were nationally significant and four of them were among the most severe incidents the NCSC has had to manage due to the sustained disruption they caused and the victims’ links to critical infrastructure via supply chains. 
  • Between September 2022 and August 2023, they received 297 reports of ransomware activity. The top five sectors reporting into the NCSC were academia (50), manufacturing (28), IT (22), finance (19) and engineering (18). Further, 327 incidents involved the exfiltration/extortion of data (18.5% increase on last year). 
  • The highest proportion of incidents handled by the NCSC resulted from the exploitation of applications. This involves an actor exploiting a vulnerability in a public-facing application to gain unauthorised access to a target network. Incidents resulting from these vulnerabilities were some of the most widespread, for example in the Citrix vulnerability (CVE20233519) the NCSC was required to deal with 13 separate nationally significant incidents involving the exploitation of this vulnerability.  

Whilst UK cyber security employment figures are rising, with a 10% growth in the cyber sector last year, However, a shortage of skilled candidates in the labour market with the appropriate technical cyber security skills is still cited as the single biggest barrier (44%) to recruiters. This prevents many organisations from retaining the cyber skills and expertise they need in-house.  

At Redcentric, we retain highly skilled, qualified, and experienced consultants with diverse backgrounds and skill sets, including penetration testers, ethical hackers, incident responders, threat hunters, risk managers, and information security managers. Our breadth of capabilities, experience, and expertise enables our clients to tackle a range of cyber security challenges and realise the outcomes they need to be secure. 

Contact us for assistance with tackling your cyber and information security challenges.  

Read the full report here: https://www.ncsc.gov.uk/files/Annual_Review_2023.pdf 


Related Posts

redcentric

Redcentric

0800 983 2522 sayhello@redcentricplc.com