Feeds

UK.gov intros shiny CREST badge for cyber crime-scene cleanup squad

Been cyber-screwed? Call one of GCHQ's trusted helpers

Build a business case: developing custom apps

The UK has launched two cyber incident response schemes geared towards helping businesses cope better with the aftermath of malware outbreaks and other hacking attacks.

The schemes were launched on Tuesday by the Communications Electronics Security Group (known as CESG), the information security arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI), in partnership with the Council of Registered Ethical Security Testers (CREST), the professional body representing security consultants who specialise in penetration testing.

Cyber-incident response services are necessary because, even with a well-thought-out corporate security policy, malware outbreaks and hacker attacks are more or less inevitable. The trick becomes to detect attacks early and thwart them before any real damage is done, which is where firms with computer forensics and cyber response skills come into play.

CESG ran a pilot scheme last November involving four hand-picked firms - BAE Systems Detica, Cassidian (the defence and security unit of EADS), Context Information Security and US-based Mandiant - providing cyber-incident response services to critical national infrastructure organisations such as banks, utilities and transport firms.

The aim was always to roll out similar services to a wider range of public sector firms. The results from the pilot led to the decision that a wider rollout was best accomplished using a twin track approach for certified Cyber Incident Response services.

At the top end comes a small and focused government-run Cyber Incident Response scheme, certified by GCHQ and CPNI, and designed to respond to "sophisticated, targeted attacks against networks of national significance".

Such a scheme would be overkill, not to mention too expensive, for mainstream business and e-commerce firms; hence a decision to also offer a second (more mainstream) scheme led by CREST and endorsed by GCHQ that's focuses on appropriate standards for incident response for industry, the wider public sector and academia.

Both schemes will offer a list of government-assured and certified providers of security response and clean-up services. Think Mr Wolf from Pulp Fiction, but take away the gory body part expertise and add computer forensics and malware eradication skills.

CREST will audit the service providers against standards for cyber incident response and ensure compliance through codes of conduct, which will be combined with professional qualifications for individuals. In the same way that SMEs look for a CORGI-certified gas fitter when they are seeking to install a gas boiler, the idea is that the CREST certifications will keep the cowboys out and help to ensure good standards in the tricky world of computer security incident response.

The government-endorsed twin track approach to offering certified cyber incident response services is designed to dovetail with wider government goals of making the UK more resilient to hacking attacks and cyber-espionage.

Chloë Smith, minister for cyber security said: "The best defence for organisations is to have processes and measures in place to prevent attacks getting through, but we also have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help."

"This scheme and others like it, together with the “10 Steps to Cyber Security” guidance for business launched last year, are an important part of our effort to provide assistance to industry and government in order to protect UK interests in cyberspace," she added. ®

The essential guide to IT transformation

More from The Register

next story
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.