Controlling Your Exposure: A Guide to Digital Risk and Intelligence
In adopting these recommendations, threat intelligence teams will be able to create an initial
operating capability, which will make a sufficient start in managing and controlling the digital footprint
of the organisation.
Medium Term Recommendations at the Government Department Level, in Enabling DR&I Teams
With just the short-term recommendations, government departments are at risk of missing key
enablers that will suitably bolster the new capability. For this reason, we have provided the following
recommendations to government departments to progress and enable their capability over a
medium-term time frame. This paper recommends that government departments:
- Commission external digital risk exposure assessments of their digital footprint at least once
  a year, to understand how the footprint is changing over time
- Explore and adopt vendor trials, to make use of the tools and services available in the market
  at low cost
- Develop service models which blend vendor and in-house resources to achieve a mature
  automated response function
- Liaise with the appropriate law enforcement agency, through the department’s legal teams,
  to assist in developing policies for monitoring specific public domains, as well as advising on
  response plans
- Adopt relevant metrics, specifically mean-time-to-remediate, to appropriately measure the
  performance of the capability
- Create an educational awareness campaign to encourage employees to better control their
  digital footprints
Longer Term Recommendations at the Cross-Government Function Level
Protecting digital footprints for the future will require support from wider organisations in HM
Government. To make the most of the expertise available, this paper has made recommendations
to cross-government functions, such as the NCSC, Government Digital Service, Government
Legal Profession and Crown Commercial Service. These recommendations will enable government
departments to successfully monitor and control their digital footprint. This section of the paper will
provide recommendations for cross-government functions in the following areas:
- The Cabinet Office should define an accountable cross-government function, such as the
  NCSC with guidance from GDS, to carry out high-level searching over the open web, deep
  web and dark web for protective marking on documents from across all government
  departments
- The Cabinet Office, supported by the NCA, NCSC and Government Legal Profession, should
  provide clear legal guidance to enable government departments to safely and lawfully monitor
  public domains
- The Crown Commercial Service should provide clear, reasonable frameworks to assist
  departments in adopting vendor trials, and eventually procuring managed services