Intelligence agency Government Communications Headquarters (GCHQ) has launched a new Cyber Incident Response scheme to link organisations targeted in cyber attacks with companies who can help them respond.
The pilot scheme was launched today by the Communications-Electronics Security Group (CESG), the Information Assurance arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI).
In a statement, GCHQ said that while the scheme is primarily aimed at the public sector and organisations forming part of the UK’s critical national infrastructure, the service may also be of use to the private sector.
Interesting Links
GCHQ creates ‘virtual’ cyber security research unit
CESG and CPNI selected four companies to work in partnership on the scheme, based on knowledge and experience in cyber security, to provide response services. They are: BAE Systems Detica, Cassidian, Context IS and Mandiant.
“The companies will respond to an incident by analysing and then containing the incident, and then cleaning it up,” a GCHQ spokesperson told Information Age. “They will then produce an incident report describing the incident and recommend actions to prevent a recurrence.”
Independent information security consultancy Context IS has been providing technical assurance, targeted attack detection, response, investigation and mitigation services since 2007.
“The Cyber Incident Response scheme marks a very positive move by CESG/CPNI to harness the skills and expertise of companies such as Context in order to support the growing number of victims of targeted attacks,” said Alex Church, technical director at Context Information Security.
“Organisations notified of attacks or those interested in getting advice about detection and mitigation will now have a clear pointer to specialist help with the level of trust and quality-assurance delivered by the scheme,” Church said.
Chloe Smith, newly appointed minister for cyber security, said the scheme builds on the ’10 steps to Cyber Security’ guidance, which was launched in September and provides organisations advice on the basic measures to increase cyber security within their organisations.
"The growing cyber threat makes it inevitable that some attacks will get through either where basic security is not implemented, or when an organisation is targeted by a highly capable attacker,” Smith said.
“Together, GCHQ, CPNI, the incident response industry, and victims of cyber attack – can improve the cyber security of the UK; that is good for security, good for business and good for the UK’s prosperity,” she said.