THE UK government has claimed it has reduced its backlog of critical vulnerabilities by 75% and reduced cyber-attack fix times by 87%, according to the official statement published on 26 February. Serious security weaknesses in public sector websites are fixed six times faster, cutting the average time from nearly two months to just over a week, the government update says.
The rollout followed the introduction of a specialist government vulnerability monitoring service (VMS), which is a Department for Science, Innovation and Technology (DSIT) service that uses both commercial and proprietary scanning tools in public sector internet-facing assets.
The vulnerabilities tackled are DNS issues which can redirect users to fraudulent sites, steal data or take services offline, and the VMS has closed a window where a DNS weakness could go unnoticed from nearly two months to eight days, according to the statement.
The VMS continuously scans 6000 UK public sector bodies, detecting around 1000 different types of cyber vulnerabilities, while government efforts to attract talent include the new Cyber Profession initiative co-branded with DSIT and the National Cyber Security Centre.