Inching ahead in the cyber crime war

UK Cyber Security Minister Chloë Smith

UK Cyber Security Minister Chloë Smith

In the popular American Football movie ‘Any Given Sunday’, a near burnt-out coach played by Al Pacino somehow digs out an inspirational half-time speech in a crucial game that turns his team’s fortunes and his own life around.

His theme is that, in sport and in life, the gap between success and failure is measured in inches and you have to fight for every inch. It’s all on YouTube – and may be useful for business speakers looking for inspiration! – but you get the gist from his start…

“I don’t know what to say really. Three minutes till the biggest battle of our professional lives. It all comes down to today. Now either we heal as a team, or we’re gonna crumble. Inch by inch, play by play, till we’re finished. We’re in hell right now, gentlemen. Believe me. And we can stay here, get the **** kicked out of us, or we can fight our way back into the light. We can climb out of hell. One inch at a time…”

CISOs of relief?

The idea that you only make progress an inch at a time is nowhere more true than in cyber security. CISOs, assailed from all sides, battered by constant and ever evolving threats, have to dig in daily and don’t often have much help or hope to encourage them.

Well, some support arrived this month with a claimed-to-be ‘unique’ UK Government scheme – the brainchild of its spy listening service GCHQ – that offers everyone from critical national infrastructure networks to government departments, large corporates to SMEs, help against cyber attacks.

The Cyber Security Incident Response (CSIR) scheme provides a list of government-certified clean-up service providers who organisations can call in to in the event of a data breach. The initiative has been launched while the first providers are still in the final stages of being certified – reflecting the urgency of the threat at a time when an estimated 90% of UK organisations suffered a data breach last year.

CSIR is a twin-track initiative. A small government-run scheme will help critical ‘networks of national significance’ respond to sophisticated targeted attacks.

A second, broader scheme will help all commercial companies, the wider public sector and academia. This is where the ‘unique’ element comes in; it’s a government-industry partnership with GCHQ handing over the scheme’s running to CREST (the Council of Registered Ethical Security Testers) – the not-for-profit organisation representing the IT security industry.

CREST president Ian Glover said seven clean-up service providers are currently being audited for the scheme, with the successful ones being approved by around the end of September.

Better late than never

The scheme Is the first co-ordinated UK plan to help people deal with the aftermath of an attack. (The Government last year issued a 10-step programme to help companies avoid being breached in the first place – available at www.gov.uk/government/publications/cyber-risk-management-a-board-level-responsibility.)

Cyber Security Minister Chloë Smith is realistic: “We have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help.”

And CREST’s Ian Glover has strong feelings on the scheme’s significance, saying: “I’ve been in the industry for 36 years – this is the first time I’ve ever seen industry and government collaborate in this way. This is a grown-up, considered way of government and industry collaborating on a major issue. It is quite unique. It’s because of the importance of the issue and the willingness of the UK government to collaborate with industry, knowing they haven’t got the capacity to deal with the emerging threat.”

The success of CSIR will be seen once it is fully up and running. But one downside with the idea – and the Government’s overall response to cyber attacks – is the confusion of agencies involved. In all seriousness, CSIR was announced by CESG, in collaboration with CREST, following a pilot conducted by CESG and CPNI and it is endorsed by GCHQ and is part of a national programme run by OCSIA. Surely these different agencies and reporting lines could be streamlined and co-ordinated?

But a piecemeal approach aside, it’s a step forward in the fightback against cyber attackers. This may not be Hollywood or sport, but the cyber criminals have had it their way for too long, and now there’s a bit more support available, an inch more progress in the right direction.

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.