UK Minimum Cyber Security Standard
UK MCSS imposes various data protection, privacy and security testing requirements on all companies that must adhere to it. Holistic visibility and inventory of digital assets, web and mobile application security are an indispensable part of UK MCSS compliance process:
Section 6 (d)
“To protect digital services, you shall:
I. Ensure the web application is not susceptible to common security vulnerabilities, such as described in the top ten Open Web Application Security Project (OWASP) vulnerabilities.
II. Ensure the underlying infrastructure is secure, including verifying that the hosting environment is maintained securely and that you have appropriately exercised your responsibilities for securely configuring the infrastructure and platform.
III. Protect data in transit using well-configured TLS v1.2.”