CESG, the Information Assurance arm of UK Government Communications Headquarters (GCHQ), in collaboration with the Centre for the Protection of National Infrastructure (CPNI), has launched a new initiative called ‘Cyber Incident Response'. The scheme will offer organisations facing cyber threats the opportunity to contact companies certified to respond effectively to the consequences of cyber-attacks. The companies’ response role will be to analyse and then contain the incident, followed by a cleaning-up operation.
Currently, the pilot scheme comprises four companies including BAE Systems Detica, Cassidian, Context IS and Mandiant Corp. Each company was selected by CESG based on its expertise and experience in providing cyber response services. These companies will work in partnership with GCHQ, CPNI and the other companies to set the future standards for cyber response services. Currently the scheme is aimed at the public sector, but there is potential for it to be utilised in the private sector as the programme matures. There are also plans to develop and publish eligibility criteria so that other companies can become accredited when the programme is expanded into full service, which is expected by spring 2013.
Cyber Incident Response is intended to build on the “10 steps to cyber security” for which we posted a blog in September that provided guidance to organisations trying to prevent cyber vulnerabilities.
The introduction of the scheme comes at an opportune time for the UK as it faces on-going and persistent threats of increasingly sophisticated cyber-attacks. Detica earlier this year warned that there has been a tenfold increase in cyber-attacks since 2011, with the attacks coming from more cyber attackers and an increasing number of countries.
Chloe Smith, Minister for Cyber Security, declared that "the growing cyber threat makes it inevitable that some attacks will get through either where basic security is not implemented, or when an organisation is targeted by a highly capable attacker." She encouraged a joint response from organisations and industry to counter this and improve the cyber security of the UK.