Configuration Error Embarrasses UK’s Cyber Essentials

Advertisement


The UK government’s Cyber Essentials scheme has suffered an embarrassing incident; but one that can hardly be called a breach and certainly not a cyber-attack. A configuration error in the underlying software platform exposed the email addresses of consultancies registered with the scheme — nothing more.

Cyber Essentials is a UK government-backed certification scheme designed to encourage the adoption of good security practice. It includes five primary technical controls: boundary firewalls and internet gateways; secure configuration (ironically); access control; malware protection; and patch management.

Advertisement