Contents

• Can we deliver small-scale threat intelligence?

• Upcoming events

  • Thursday 3 April: Lunch and Learn for individuals

  • Jersey Fraud Prevention Forum at Jersey Library

• Cybersecurity in the news

• Jobs in Cyber

• Learning and Tools of the month

Dear reader,

Welcome back to our second newsletter of 2025. March has been a short but eventful month for JCSC.

Earlier this month I attended a training course to enable me to assess JCSC and other cyber incident response teams against the globally recognised SIM3 CSIRT maturity model maintained by the Open CISRT foundation. For a week I sat with 40 other cyber incident response professionals in training room at the offices of SPCSS (the Shared Service Centre of Czechia's treasury) and discussed everything from threat intelligence sources to incident handling playbooks and media protocols. This matters because as a small island we need to learn from others, and we need to hold ourselves to high standards. We regularly assess ourselves against this model as we work to improve JCSC's capabilities and maturity.

With that in mind, I am also pleased to hear from Government that the Cyber Security Law is now firmly back on the 'green' list and progressing again after being on hold. This also matters, as it provides the foundations upon which we operate as well as clarity, governance and accountability. What we do is important, so it's important we do it the right way.

And, if you haven’t already, don’t forget that you can subscribe to Cyber Bytes, a new newsletter we’ve launched for non-specialists. If you’re still new to cyber security, or are more interested in defending your personal data online, you can subscribe by clicking the poll below. (And don’t worry - Cyber Bytes is completed separate to this newsletter, so you can subscribe to both.)

Until next month,

Matt

Can we deliver small-scale threat intelligence?

Sometimes, staff from JCSC attend events to share (or learn) specific information, tools or skills. In other cases, attending events give us the opportunity to revisit perennial issues in cyber, and consider how we might approach them in Jersey.

In late March, I was in London for a roadshow by a leading threat intelligence provider. It was useful for several reasons. Partly because I met a local colleague who was told me she’d arranged to bring one of the provider’s staff over to Jersey. (This led to me meeting with the provider in Jersey and learning about some specific – and nasty – ransomware and credential-stealing risks to Islanders.)

But the event was also useful because it’s highlighted a challenge Jersey faces with threat intelligence. Threat intelligence is broadly what it says it is: you take information and analyse it to work out where malicious actors are likely to attack you. The supplier who ran the London event is keen on organisations using threat intelligence to drive the process of cyber defence. This is very sensible because none of us can cover all the risks, so we have to narrow our focus.

But here is the challenge: good threat intelligence is expensive. Many suppliers (including the one running this event) cater to big corporate businesses who have staff and six- or seven-figure budgets for cyber security.

The question for JCSC (and for Jersey) is what can your organisation do if your annual cyber security budget is £5000, or £1000, or even £500? In short, you can’t do much.

But can we take the central principle of threat intelligence – that you can’t focus on all the risks so you should analyse information to figure out what you should focus on – and scale it down to smaller budgets? That’s something I’ll be working on over the coming months.

In the meantime, if you have questions about threat intelligence, or any other area of your cyber security measures, you can book a free 30-minute meeting with a member of our team.

Upcoming events

Thursday 3 April: Lunch and Learn for individuals

Places are still available on our next Lunch and Learn session, which is happening this Thursday, 3 April at 1pm. Join us in person at 1 Seaton Place (or via Teams) for a whistle stop tour of how you can improve your cyber security. You don’t need to have any prior knowledge, but you must book a place.

Jersey Fraud Prevention Forum at Jersey Library

We’re partnering with other members of the Jersey Fraud Prevention Forum to run a series of monthly drop-in sessions at Jersey Library. Cyber crime and fraud are closely linked, and it’s vital we work with other members of the Forum to help protect the public.

We’ll be at Jersey Library on the following dates:

• Wednesday 30 April (11:30am - 13:30pm) with RBSI and Treasury and Exchequer

• Wednesday 28 May (11:30am - 13:30pm) with JT and Citizens’ Advice

There’s no need to book, simply drop into the Library.

In the meantime, if your organisation could benefit from a bespoke talk or workshop from us, you can contact us via [email protected] to request one.

Cybersecurity in the news

DrayTek routers experience issues worldwide

Last weekend, users of DrayTek routers found that their routers were not staying connected. As of the date of writing, it isn’t clear whether the issues are caused by a firmware update, or by attackers exploiting a vulnerability. But we do know it is affecting organisations in Jersey. DrayTek have released a patch for the issue, but it isn’t clear if this has solved the issue. Stay tuned (and keep patching your devices!)

Decoding the noise around Signal

The news last week that confidential details of US military activity was shared with a journalist in a Signal group chat has caused a lot of discussion. This includes discussion of Signal (the platform being used) and its security. This 2024 article provides a broad overview of what Signal is, and how it works.

Jobs in Cyber

Senior Security Consultant - Prosperity 24/7

This role would suit someone with a strong technical background in cyber security, experience of consulting, and a relevant degree.

Digital Solutions Internship - PwC

This internship would suit students studying for their ALevels, BTEC or equivalent, and who want to work in Jersey in the future.

The internship will take place between 4 August and 15 August 2025, so applicants will need to be available for this date.

Are you recruiting for a cyber role locally? Tell us at [email protected] and we’ll share your job listing with the community.

Learning and Tools of the month

Each month, we provide a round up of tools that our team have found useful, and which could be useful to cyber security professionals. If you’ve found a helpful tool you’d like to share, please email us and we’ll include it in a future newsletter.