dfm covers

Cyber Incident Response Scheme Launched

Print PDF
Thursday, 22 August 2013 20:15 Written by DFM News

Two Schemes that provide access to industry expertise to respond effectively to the consequences of cyber security attacks have been formally launched today by CESG, the Information Security arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI), in collaboration with the Council of Registered Ethical Security Testers (CREST), the professional body representing the technical security industry.

The Cyber Incident Response schemes follow on from the successful pilot conducted by CESG and CPNI starting in November 2012 and funded by the National Cyber Security Programme. The new CESG scheme will provide a list of government assured, certified providers of response and clean up services in the event of a cyber-attack.

The pilot concluded that the objectives of the National Cyber Security Strategy in providing greater resilience to Critical National Infrastructure (CNI) companies, as well as wider public and private sector organisations, can be best met by adopting a complementary twin track approach for certified Cyber Incident Response services:

A broad based scheme led by CREST and endorsed by GCHQ and CPNI, which focuses on appropriate standards for incident response aligned to demand from all sectors of industry, the wider public sector and academia.

A small and focused Government run Cyber Incident Response scheme certified by GCHQ and CPNI responding to sophisticated, targeted attacks against networks of national significance.

This approach will enable all those organisations that may be victims of cyber-attack – SMEs, national and multinational industry, the CNI, the wider public sector and central government – to source an appropriate incident response service tailored to their particular needs and allow GCHQ and CPNI to focus on the most challenging attacks.

CREST, a not for profit organisation, has worked with industry and government to define standards that companies providing ‘Cyber Security Incident Response (CSIR)’ services should have in place to protect client information. CREST will audit the service providers against these standards and ensure compliance through codes of conduct. This combined with professional qualifications for individuals will provide the buying community with confidence in the integrity and competence of the companies with whom they are contracting.

The CREST standard for the industry-led segment will act as a foundation to establish a strong UK cyber incident response industry able to tackle the vast majority of cyber-attacks. This will enable service providers to establish a track record and, if they so choose, apply for certification under the CESG/CPNI-led scheme for the most sophisticated cyber-attacks.

Some organisations need incident response support equipped to tackle the most sophisticated of attacks. Only a small number of industry providers are likely to achieve the necessary expertise and quality standards to successfully tackle the threats and techniques employed by highly skilled threat actors and related to networks of national significance.

Please make cache directory writable.

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Learning iOS Forensics

A practical hands-on guide to acquire and analyse iOS devices with the latest forensic techniques and tools.

Meet the Authors

Andrew Hoog

Andrew Hoog is the Chief Investigative Officer at viaForensics'


Coming up in the Next issue of Digital Forensics Magazine

Coming up in Issue 42 on sale from February 2020:

Forensic Syntactical & Linguistic Investigation

Mark Iwazko presents a case study regarding a Forensic Syntactical & Linguistic investigation: Instructed by the Moscow General Council of one of the actual big four accountants. Read More »

Forensic Readiness: A Proactive Approach to Support Forensic Digital Analysis

An increasing number of criminal actions are inflicting financial and brand damage to organizations around the globe. An impressive number of such cases do not reach the courts, mainly because of the organization’s inefficiency to produce robust digital evidences that are acceptable in the courts of law. Read More »

Subscribe today

Using Error-Patterns for Attribution: An Applied Linguistics Technique

Corpus Linguistics within Second Language Acquisition has developed models of error patterns made by defined groups of second language learners. This knowledge base can be leveraged by a knowledgeable analyst to attribute content to a subset of authors. Read More »

Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the next issue