NCSC Guidance - Ukraine Tensions
Incident Report for Pulsant Service
Update
Due to the escalations within Ukraine, Pulsant's Cyber Security team have taken additional measures to review a common set of CVE’s (common vulnerabilities and exposures) that have been known to be exploited by Russian-state sponsored APT (advanced persistent threat) actors for initial access. This has been against all our internal assets and where possible client assets (covered by appropriate services within Alert Logic) – both searches have produced no results.

Pulsant continue to engage and monitor threat intelligence feeds for updates, including NCSC (UK National Cyber Security Centre). Their advice on appropriate counter-measures remains our existing stance, which is to routinely assess the effectiveness of our cyber controls, regardless of the threat.

Not all clients consume Pulsant Protect solutions, if you as a client manage your own security, we would advise you follow NCSC guidance or seek further advice from Pulsant on where we can assist further.
Posted Feb 24, 2022 - 17:19 GMT
Monitoring
We continue to monitor this situation carefully and will update clients if threat levels change.
Posted Feb 02, 2022 - 16:32 GMT
Investigating
As as result of tensions in Ukraine, NCSC have flagged a potentially elevated cyber threat but also state that they are not aware of any specific threat to UK organisations at this time.

General advice from NCSC reflects our normal approach to Cyber threats (regardless of its origin) in that we maintain and routinely measure the effectiveness of appropriate counter measures to reduce our exposure to cyber-attacks. Good cyber security relies upon ensuring that mitigations and detective controls continue to perform as expected and we have the capability and capacity to respond quickly to security incidents if or when they occur.

Pulsant as an organisation has robust and effective policy, governance and technical controls that ensures we patch our systems regularly, maintain strong access controls (incl. multi-factor authentication), perform regular system, network infrastructure monitoring, and maintain effective incident management and response. Pulsant also keep abreast of evolving threats and will take extraordinary measures where necessary.

Not all clients consume Pulsant Protect solutions, if you as a client manage your own security, we would advise you follow NCSC guidance or seek further advice from Pulsant on where we can assist further.
Posted Feb 02, 2022 - 16:32 GMT