We use digital services to manage just about every aspect of our lives. Online shopping and banking are obvious examples, but we’re also talking about important public services like applying for a passport or filing a tax return.
Convenient digital services are now expected and relied upon by millions of end users. But there is a hidden cost. Because these virtual services provide access to things of very real value, they have become a prime target for cyber attack.
When a digital service is successfully compromised, the fallout can be damaging, expensive and embarrassing for the organisation involved and potentially catastrophic for the individuals whose data has been lost.
However, in many cases, the worst outcomes can be avoided if services are designed, built and operated well. The majority of breaches occur because one or more of these aspects has been neglected.
This collection is intended to give you a high level tour of the approaches we recommend at each stage of a service’s lifecycle. Using these principles will make your service a ‘hard target’ for would-be attackers.
Source: NCSC
