GCHQ has launched two cyber incident response initiatives to help UK businesses who suffer cyber-attacks.
Britain’s intelligence agency has launched the two schemes to deliver specialist industry expertise to victims of attacks, in collaboration with the Centre for the Protection of National Infrastructure (CPNI) and the Council of Registered Ethical Security Testers (CREST).
The Cyber Incident Response schemes follow on from the successful pilot, funded by the National Cyber Security Programme, that CESG, the Information Security arm of GCHQ, and CPNI conducted starting in November 2012.
The new CESG scheme will provide a list of government-assured, certified providers of response and clean-up services in the event of a cyber-attack.
Minister for Cyber Security Chloë Smith said: “We know that UK organisations are confronted with cyber threats that are growing in number and sophistication.
“The best defence for organisations is to have processes and measures in place to prevent attacks getting through, but we also have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help.”
The CESG pilot concluded that a twin-track approach to providing response services would be most effective: a broad-based scheme led by CREST, focusing on standards for incident response based on industry demand and academic research, and a small, focused Government-run Cyber Incident Response scheme responding to sophisticated, targeted attacks against networks of national significance.
Smith said: “I am delighted to announce a unique Government-Industry partnership to tackle the effects of cyber incidents. This scheme and others like it, together with the ‘10 Steps to Cyber Security’ guidance for business launched last year, are an important part of our effort to provide assistance to industry and government in order to protect UK interests in cyberspace.”
As well as defining standards, CREST will audit the service providers against these standards and ensure compliance through codes of conduct. Combined with professional qualifications for individuals, this will provide the buying community with confidence in the competence of the companies they are contracting.
Only a small number of industry providers are likely to achieve the necessary expertise and quality standards to successfully tackle the threats and techniques employed by highly skilled threat actors and related to networks of national significance. The detailed requirements for these providers are available on the CESG website, www.cesg.gov.uk.