The importance of Vulnerability Disclosure for businesses

A senior member of the security team for the NHS Covid-19 app recently shared how having a defence process in place had averted a cyber crisis for the app and meant a QR code login bug could be fixed quickly.

It was discovered that users of the Covid app were able to check in to a venue using a QR code poster that was not generated by the NHS service.

In his blog for the National Cyber Security Centre, Stuart H shares how having a Vulnerability Disclosure Programme had enabled developers to quickly create a patch to fix this problem, which you can read about here: https://www.ncsc.gov.uk/blog-post/bugs-happen-be-ready-to-fix-them

Though most small businesses will not have in-house developers like the Covid-19 app team, this story highlights the importance of having a back-up plan in place. Would you know exactly what to do if you or one of your customers discovered a bug in your app or website?

The NCSC has a Vulnerability Disclosure Toolkit to help organisations prepare their plan of action. This is suitable for businesses of all sizes to increase their resilience against as potential future attack: https://www.ncsc.gov.uk/information/vulnerability-disclosure-toolkit.

As a member of the NEBRC, you will have contact with local cyber security officers who can help you strengthen your processes. Learn about joining us here: https://www.nebrcentre.co.uk/membership

NEBRC New Logo Sept 2020.png

The Business Resilience Centre for the North East (NEBRC) is a non-profit organisation which exists to support and help protect North East England businesses from cyber crimes.

Connect with us:

  • Twitter
  • LinkedIn
  • YouTube

© 2020 North East Business Resilience Centre