The UK government has launched two new Cyber Incident Response schemes to help give businesses access to industry expertise.

GCHQ Launches Cyber Incident Response Schemes
The Government Communication Headquarters (GCHQ) in Cheltenham which houses the UK\'s Joint Cyber Unit. (Credit: Reuters) Reuters

As part of its £650m Cyber Security Strategy the government is looking to help UK organisations - both public and private - deal with the increased threat of cyber-attacks.

Two initiatives are the next steps in the Cyber Incident Response programme which began on a pilot basis in November 2012. The pilot scheme concluded that a twin-track approach would best meet the needs of protecting critical national infrastructure as well as wider public and private sector organisations.

The schemes are being launched by the CESG, the information security arm of the Government Communications Headquarters (GCHQ) and the Centre for the Protection of National Infrastructure (CPNI), in collaboration with the Council of Registered Ethical Security Testers (Crest), the professional body representing the technical security industry

The first aspect of the scheme will see Crest work with security providers to draw up a set of standards for incident response in line with the demands from "all sectors of industry, the wider public sector and academia".

Small and focused

It will see certain security providers gain special accreditation and see them placed on a GCHQ list of approved suppliers.

The second strand of the scheme will see the establishment of a "small and focused" government-run incident response team which will response to any "sophisticated, targeted attacks against networks of national significance."

Chloe Smith, minister for cyber security said: "We know that UK organisations are confronted with cyber threats that are growing in number and sophistication. The best defence for organisations is to have processes and measures in place to prevent attacks getting through, but we also have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help."


Dr Jarno Limnell, director of cyber-security at Stonesoft, points out that a successful cyber-attack could have major implications for the still-recovering UK economy:

"Cybercrime and defence are complex themes to legislate, but with business success reliant on digital processes, and with the UK economy still in a state of recovery, a successfully launched cyber-attack could not only potentially knock back confidence in UK business, but also push economic growth off track."

Limnell adds that because of the borderless nature of the internet, others should look to the UK for guidance:

"However, due to the nature of the internet and modern business, cyber crime doesn't adhere to national boundaries. Other nations should look to the UK as an example of best practise for governmental-business cooperation, and this is the perfect opportunity for the UK to take the lead among European nations in building defence capabilities."