A NEW scheme that will provide access to companies certified to respond effectively to the consequences of cyber security attacks has been launched today by CESG, the Information Assurance arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI).
Called Cyber Incident Response
, the scheme will be a HMG quality-assured service provided by industry that organisations can turn to for assistance when they have suffered a cyber security incident. Whilst the scheme is primarily aimed at the public sector and organisations forming part of the UK’s critical national infrastructure, it may also be of assistance to the wider private sector.
The pilot scheme includes four companies selected by CESG/CPNI to work in partnership, based on knowledge and experience, to provide response services. The companies are BAE Systems Detica, Cassidian, Context IS and Mandiant.
Cyber Incident Response builds on the 10 Steps to Cyber Security
which was launched by the Government in September and provides advice to business leaders on increasing cyber security within their own organisations. It also supports the delivery of the UK Cyber Security Strategy.
By taking this joint approach on response to cyber incidents, Government and industry will help to nurture and grow the emerging UK cyber incident response industry. This should set it on a growth path in terms of scale and expertise, which in turn will support the security and prosperity of the UK.
Chloë Smith, Minister for Cyber Security said:
"The growing cyber threat makes it inevitable that some attacks will get through either where basic security is not implemented, or when an organisation is targeted by a highly capable attacker.
‘Cyber Incident Response’ services provide access to organisations certified by CESG/CPNI to respond effectively to cyber incidents. It builds on the ’10 steps to Cyber Security’ guidance on how to reduce the risk of vulnerability to attack.
Together, GCHQ, CPNI, the incident response industry, and victims of cyber attack – can improve the cyber security of the UK; that is good for security, good for business and good for the UK’s prosperity."
Notes for Editors
Responding to cyber infiltration – In the event of a cyber attack compromising an organisation’s network, immediate action is required to contain, understand, and eradicate the incident. This may be accompanied by mandatory reporting actions where the compromise affects partner organisations such as customers and suppliers.
GCHQ and CPNI have unique knowledge and expertise in responding to cyber incidents. By using an approach similar to that established for penetration testing services for Government under the CHECK scheme it is hoped to grow the scale and expertise of the emerging UK cyber incident response industry.
About CESG - CESG is the UK Government's National Technical Authority for Information Assurance (IA) and is the IA arm of GCHQ
CESG protects the vital interests of the UK by providing policy and assistance on the security of communications and electronic data, working in partnership with industry and academia www.cesg.gov.uk
- GCHQ is one of the three UK intelligence agencies. Further information can be found at: www.gchq.gov.uk
- CPNI is the government authority on protective security in relation to national security threat. It provides advice to businesses and organisations across the national infrastructure covering physical personnel and cyber security/information assurance. www.cpni.gov.uk
About ‘Cyber Incident Response’ Service Providers
Four companies have been selected for the Cyber Incident Response pilot. The following brief details have been provided by each of the four service providers for inclusion in this Press Notice.
BAE Systems Detica
Every day Detica helps global organisations manage cyber risk. Our dedicated incident response team can start investigating attacks within hours. We use specialist forensic tools and knowledge of attackers' methods to expose advanced malware and ensure successful business recovery.
Cassidian CyberSecurity has been delivering information assurance and cyber support to UK government and MoD for over 10 years. As part of the EADS Group, they have a global reach supporting the business activities of this world leading aerospace and defence company. Cassidian CyberSecurity’s expertise includes cyber incident response, network security monitoring, risk assessment.
Context is an independent, flexible, technically expert Information Security consultancy. We provide bespoke incident response services to organisations experiencing targeted attacks. We specialise in detecting, investigating, and mitigating breaches, whilst assisting clients with improving their defences against Cyber threats.
Peter Rennison (firstname.lastname@example.org
Tel: 01442 245030 Mob: 07831 208109
Mandiant's products and services protect the world's most valuable data every day from targeted attacks. Mandiant's unique combination of intelligence, experience and technology equip organisations to find and stop advanced attackers that bypass their preventive defences.