Feeds

UK.gov intros shiny CREST badge for cyber crime-scene cleanup squad

Been cyber-screwed? Call one of GCHQ's trusted helpers

Security for virtualized datacentres

The UK has launched two cyber incident response schemes geared towards helping businesses cope better with the aftermath of malware outbreaks and other hacking attacks.

The schemes were launched on Tuesday by the Communications Electronics Security Group (known as CESG), the information security arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI), in partnership with the Council of Registered Ethical Security Testers (CREST), the professional body representing security consultants who specialise in penetration testing.

Cyber-incident response services are necessary because, even with a well-thought-out corporate security policy, malware outbreaks and hacker attacks are more or less inevitable. The trick becomes to detect attacks early and thwart them before any real damage is done, which is where firms with computer forensics and cyber response skills come into play.

CESG ran a pilot scheme last November involving four hand-picked firms - BAE Systems Detica, Cassidian (the defence and security unit of EADS), Context Information Security and US-based Mandiant - providing cyber-incident response services to critical national infrastructure organisations such as banks, utilities and transport firms.

The aim was always to roll out similar services to a wider range of public sector firms. The results from the pilot led to the decision that a wider rollout was best accomplished using a twin track approach for certified Cyber Incident Response services.

At the top end comes a small and focused government-run Cyber Incident Response scheme, certified by GCHQ and CPNI, and designed to respond to "sophisticated, targeted attacks against networks of national significance".

Such a scheme would be overkill, not to mention too expensive, for mainstream business and e-commerce firms; hence a decision to also offer a second (more mainstream) scheme led by CREST and endorsed by GCHQ that's focuses on appropriate standards for incident response for industry, the wider public sector and academia.

Both schemes will offer a list of government-assured and certified providers of security response and clean-up services. Think Mr Wolf from Pulp Fiction, but take away the gory body part expertise and add computer forensics and malware eradication skills.

CREST will audit the service providers against standards for cyber incident response and ensure compliance through codes of conduct, which will be combined with professional qualifications for individuals. In the same way that SMEs look for a CORGI-certified gas fitter when they are seeking to install a gas boiler, the idea is that the CREST certifications will keep the cowboys out and help to ensure good standards in the tricky world of computer security incident response.

The government-endorsed twin track approach to offering certified cyber incident response services is designed to dovetail with wider government goals of making the UK more resilient to hacking attacks and cyber-espionage.

Chloë Smith, minister for cyber security said: "The best defence for organisations is to have processes and measures in place to prevent attacks getting through, but we also have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help."

"This scheme and others like it, together with the “10 Steps to Cyber Security” guidance for business launched last year, are an important part of our effort to provide assistance to industry and government in order to protect UK interests in cyberspace," she added. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.