Overall Alerts

Computer Network Defence Overall Alert State


secwiz blankback cro tp

The Computer Network Defence Overall Alert State is designed to give a general overview of the state of CyberSecurity at a brief glance.  The definitions below will give an idea of the criteria considered when setting the status.  Occasionally we may add an additional Alert State for a specific topic, should the situation warrant.



Current Alert State



17 April, 2017 - Overall Alert State set back to Guarded.
12 April, 2017 - Overall Alert State set to Increased to bring notice to the Microsoft and Adobe Patch Days.

Subject Alert State


12 April, 2017 - A Subject Alert for Windows was added and set at High, to highlight the patch for the Office and WordPad 0-day announced a few days ago.  Exploitation of this issue has increased, indicating a need to patch quickly.  Also, Vista is now officially EOL, with no new security updates.
13 April, 2017 - Set to Increased, since updates should be rolling...
17 April, 2017 - Subject Alert for Windows removed.

Overall Alert Definitions


GUARDED This is the lowest envisaged Alert State for the foreseeable future.
Remain vigilant and be prepared for attack. There are no discernible issues impacting end networks or the infrastructure of the Internet.

UK Military Terminology – Stand Down
Civilian Terminology – Chillax


INCREASED There is unrest in cyber space requiring increased vigilance for possible cyber disruption, such as:

  • Several severe vulnerabilities across multiple platforms (eg Patch Tuesday)
  • Increased political unrest or International hostilities between Nation States which may result in indiscriminate cyber attacks and watering hole acquisition to build botnets.
  • There is a new attack vector which is taking hold and may require mitigation but not yet raising too much cause for concern.

UK Military Terminology – Stand To
Civilian Terminology – Keep Calm and Carry On


HIGH There is a marked escalation in cyber attacks and actual effect, security staff should align their security posture to mitigate the threat and exercise possible use cases relating to the threat, the threats might include:

  • Significant degradation of the Internet infrastructure, such as loss of backbones, DDoS, DNS etc.
  • Several significant vulnerabilities which are being actively exploited and/or proving difficult to mitigate.
  • Malware which is spreading quickly and causing significant issues.
  • Outbreak of Cyber hostilities between Nation States, those nations involved go to Critical Alert State

UK Military Terminology – Watch and Shoot
Civilian Terminology – Wake Up and Smell the Coffee


CRITICAL There is a direct cyber threat which will impact the majority of systems and significantly hamper IT operations, this Alert State will be used sparingly.

Where the Critical Alert State can be localised, by Product Type, Attack Vector, Threat Actor or Nations, these will be reflected in the sub heading as per the example shown.

Military Terminology – Incoming, Take Cover
Civilian Terminology – OMG!

Return to the top of the Overall Alerts Page


Go to the Radar Page                                                 cndlogo 150x150