The UK government has launched a scheme designed to promote greater information sharing on cyber threats between businesses and government.
Francis Maude, the Cabinet Office minister responsible for the UK national cyber security strategy, is due to launch the Cyber Security Information Sharing Partnership (CISP) later today (Wednesday) as a means to promote cross-sector threat information sharing. The scheme will involve representatives from government, industry and information security analysts.
The programme, which follows a successful pilot scheme in 2011, is designed to support the wider aims of the UK’s cyber security strategy: such as making Britain the best country in the world to do e-business and protecting critical components of the national infrastructure (ie banks, utilities, telecoms and power grid).
Eighty companies from five key sectors of the economy - finance, defence, energy, telecommunications and pharmaceuticals - were encouraged to share information as part of the pilot scheme. The wider programme (involving a reported 160 organisations, at least initially) will allow access to a secure web-portal to gain access to shared threat intelligence information in real time, the BBC reports.
The programme will also feature a a cyber attack monitoring operations room, or fusion cell. Analysts from MI5 and GCHQ will work together with their private sector counterparts in the cell, which is due to be based at an undisclosed location in London, ITV adds. The Telegraph has more detail on how this is likely to work in a story on the launch of the CISP here.
More details are likely to emerge at the launch event.
Graeme Stewart, McAfee's director of public sector strategy, welcomed the launch of the partnership but stressed the need to push security threat intelligence down to small businesses.
"Information sharing is imperative to countering cyber threats," Stewart said. "As cybercrime itself is global in nature, the need for a strong public-private partnership is critical.
"McAfee is broadly supportive of such initiatives. We would however like to see the scheme provide outreach to include smaller and SME organisations. This sector makes up the supply chains of large corporate and government organisations and therefore a substantial portion of their risk comes from this supply chain failing to understand the threat posed by nefarious cyber activity."
Terry Greer-King, UK MD for internet security firm Check Point, commented:
"This is a key step forward for both Governments and business in fighting web attacks, and reducing their impact. It’s essential that organisations collaborate and share intelligence with each other to track emerging threats, mitigate their severity or block them before they cause damage. Fighting threats together is much more effective than fighting alone."
"In 2012, our research found that 63 per cent of organisations were infected with bots, and 54 per cent infected with malware that they didn’t know about. Any move which helps to reduce these figures is very welcome," he added. ®