Meet the man who'll TAKE OVER if UK faces CYBER ATTACK

Chris Gibson to head up UK’s national Computer Emergency Response Team

Using blade systems to cut costs and sharpen efficiencies

Digital Neighbourhood Watch

Brian Honan, an infosec consultant who founded and heads up the Republic of Ireland's Computer Security Incident Response Team, explained that national CERTs act as a peer to their international partners as well as co-ordinating response to cyber-security incidents nationally.

"There are a number of CERTS in the UK already but they may just be focusing on a particular industry or part of the government," Honan told El Reg. "A national CERT is the de facto CERT that CERTs in other countries would contact to help deal with a security issue."

"A CERT, Computer Emergency Response Team, is a service set up by organisations, industry bodies or governments to help their constituents deal with computer security issues. Typically many CERTs would act as coordination points to assist other CERTs deal with incidents. Other CERTs may offer devices such as alerting subscribers to vulnerabilities or targeted attacks, while others may also offer incident response services."

CERT-UK will provide a "core incident management response, lead international CERT engagement and provide cyber situational awareness and information sharing for the benefit of the UK as a whole," according to a Cabinet Office statement.

The recently advertised role of deputy director of operations at CERT-UK will include running the joint Government-Industry initiative CISP – the cyber security information sharing partnership - as well as leading a team of up to 25 network and security specialist at CERT-UK.

The practical difficulties involved in the seemingly straightforward task of sharing cyber information was highlighted during a round table discussion of programme committee members at the RSA Conference Europe late last month.

Coming together to blast internet nasties off the web

Researchers at antivirus firms have long shared malware samples with their peers at other vendors. But there's nowhere near this level of co-operation in sharing the details of software vulnerabilities and exploits, which have become a marketable commodity over recent years.

Threat sharing among commercial firms, meanwhile, has historically been limited to small communities where everybody knows each other, such as banking or academia, rather than through cross-industry partnerships. Damage to brand reputation if news about breaches or other security problems leak out has historically tended to inhibit even anonymous sharing of security threats outside closed groups.

The Cyber Security Information Sharing Partnership (CISP), launched back in March, aims to breaks down barriers to cross-industry information sharing.

Greg Day, RSA Conference programme committee member and chief technology officer at security vendor FireEye, said cyber sharing tends to happen within private clubs. Finding a tool or mechanism to share threat information that suits everyone will be difficult, according to Day.

John Colley, committee member and managing director of security training an certification outfit (ISC)2 in Europe, agreed that information sharing is based on trust. Colley relayed an anecdote that neatly illustrated how threat information sharing can be beneficial.

Barclays Bank shared information with a peer in the banking industry after its customers were targeted by a then-novel phishing attack in 2003, he said. This meant staff at NatWest were much better prepared to react when clients of the rival high street bank were targeted by a similar phishing scam two weeks later.

Earlier this week, EU cyber security agency ENISA called for better data-sharing and interoperability among European CERTs.

While such information sharing in and between small group such as universities and the banking sector is uncontroversial, wider sharing of information is a political hot potato, as demonstrated by controversy over the US Cyber Intelligence Sharing and Protection Act (CISPA).

CISPA allows private companies to share customer information with the NSA and others in the name of cybersecurity. The legislation has failed to get through Congress twice already since its first introduction in 2011 but was resubmitted earlier this month. The proposed law would also allow firms to share their customers' web traffic information - among other things - with the Feds. Privacy activists opposed the law long before the Snowden revelations made it even more controversial. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story


Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.