Resilient critical national infrastructure underpins society. But what happens when it comes under attack? Across the globe, as geopolitical tensions mount and services become increasingly digitised, threats to critical infrastructure are at an all-time high. In the last few years alone we’ve seen malicious actors target everything from oil pipelines to hospitals and satellites.
An international government found itself in a similar situation when it fell victim to a cyber-attack that created real-world consequences, leading the nation to review its cyber security posture. The government’s National Cyber Security Centre (NCSC) engaged BAE Systems Digital Intelligence to help enhance its security operations through a robust strategy.
The Challenge
Following the cyber-attack, the international NCSC wanted to build a sustainable and adaptable model that would mature and bolster its security posture. Part of this involved expanding and scaling its delivery in line with the country’s security strategy and EU directives.
However, as with any large transformation, the challenges it had to address were multifaceted – and the fact the project was delivered during the Covid-19 pandemic only added an extra layer of complexity.
To help the NCSC navigate these challenges we deployed our
BAE Systems Digital Intelligence STARA® methodology
Providing a comprehensive and scalable risk assessment, STARA® applies evidence-based threat intelligence to assess an organisation’s security risk across multiple, traditionally siloed domains – physical, technical, personnel and cyber. It looks at key threat actors from many angles; their capability and motivation to detect vulnerabilities, and the tactics, techniques and procedures they could use to launch an attack.