GCHQ unveils schemes to help UK companies defend against cyber attack


GCHQ has announced it is putting in place two incident response operations that could protect critical national infrastructure from hackers.

CESG, the Information Security arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI), has been running pilot programmes of the initiatives since November 2012.

[This is] a great example of government and industry working together.

Following the success of the pilots, it was decided that a twin-track approach was needed to protect infrastructure critical to the UK as well as defending public and private sector organisations.

The first scheme is 'broad-based' and will be led by the Council of Registered Ethical Security Testers (CREST), the professional body representing the technical security industry. Endorsed by GCHQ and CPNI, it will focus on "appropriate standards for incident response aligned to demand from all sectors of industry, the wider public sector and academia."

The second scheme is a smaller and more focused Government run Cyber Incident Response scheme certified by GCHQ and CPNI responding to sophisticated, targeted attacks against critical national networks.

GCHQ said that the approach would help organisations under cyber attack to "source an appropriate incident response service tailored to their particular needs and allow GCHQ and CPNI to focus on the most challenging attacks."

"We know that UK organisations are confronted with cyber threats that are growing in number and sophistication," said cyber security minister Chloe Smith.

"The best defence for organisations is to have processes and measures in place to prevent attacks getting through, but we also have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help."

Industry figures have given their support to the scheme. Rob Cotton, chief executive of NCC Group said that this was a "a great example of government and industry working together to help improve standards of cyber security for businesses across the board."

"Having clear channels of help and support in place when the worst does happen will provide organisations with a massive boost, and also remove the confusion and panic in the immediate aftermath of a breach."

Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.