- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
- How control rooms help organizations and security management
- ITDM 2025 전망 | “효율경영 시대의 핵심 동력 ‘데이터 조직’··· 내년도 활약 무대 더 커진다” 쏘카 김상우 본부장
- 세일포인트 기고 | 2025년을 맞이하며… 머신 아이덴티티의 부상이 울리는 경종
NCSC Updates Early Warning Threat Notifications
A leading UK cybersecurity agency has updated its threat notification service in a bid to improve the quality of alerts.
The National Cyber Security Centre (NCSC)’s Early Warning service is free to all UK organizations. It searches millions of daily threat “events” flowing through the system and surfaces ones relevant to users’ IP addresses and domains.
Going forward, the service will incorporate an edited version of the Admiralty Scale, an industry standard method of evaluating intelligence, according to the NCSC.
“Also called the ‘Nato System,’ it’s used to communicate the reliability of an intelligence source by assigning it a ‘graded’ letter, and communicate its credibility with a number,” it explained in a blog post.
“It does this by assessing the source’s capability or history, and by corroborating it with other sources. MISP users might already be familiar with it.”
The upgrade to Early Warning will help users to assess alerts provided by the service with greater clarity so that they can be more accurately prioritized by security operations teams.
The NCSC said it would also improve the quality of information shared across the threat intelligence community more generally and reduce the volume of inaccurate or irrelevant information sent to partners.
Early Warning provides three main alert types:
- Incident notifications, which can indicate an active compromise of the user’s system
- Network abuse events, which can flag when company assets have been linked to malicious activity
- Vulnerabilities and open ports, which should be addressed to reduce the corporate attack surface
“You might wonder what’s special about Early Warning when there are plenty of other data feeds out there,” the NCSC said. “Well, the service uses information feeds from the NCSC, as well as trusted public, commercial and closed sources, including several privileged feeds not available elsewhere.”