The UK government’s delayed national Computer Emergency Response Team, CERT-UK has been officially launched today by Cabinet Office minister Francis Maude.
CERT-UK has been in operation for some time and aims to improve the nation’s response to national cyber-security incidents, but it has had to wait for a formal launch, which finally occurred today. Maude was joined by the organisation’s head, Chris Gibson at the event, which also heard from Larry Zelvin, head of US CERT.
Maude’s speech set out the severity of the problem: “Ninety-three percent of large corporations had a breach over the past financial year. The average cost of each one is somewhere between £450,000 and £850,000, although we know of one London-based company which lost £800 million worth of revenue because of an attack.”
CERT-UK was announced in December 2012, with the government saying at the time that it planned to use the experience of the 2012 London Olympics to improve the UK Cyber Security National Incident Management policy. At that time the launch of CERT-UK was planned within 12 months, but in 2013 its launch was pushed back to “early 2014”, as the government assembled a leadership team and other resources.
In November 2013, the Cabinet Office announced the appointment of Chris Gibson as CERT-UK’s director. “I am looking forward to the task of bringing together government, industry, law enforcement and academia to establish the CERT as a team of professionals forming a world-class response to cyber threats to the UK,” Gibson said at the time.
Gibson was previously director of e-crime at Citigroup, and spent nine years on the leadership team of the international Forum of Incident Response and Security Teams (FIRST), with the last two years as global chair.
Neil Cassidy, former head of cyber-defence at Qinetiq, has now joined as deputy director of operations, and Andrew Whittaker, former Foreign Office crisis management expert, is deputy director.
CERT-UK is intended as the UK’s international point of contact on cyber-security issues, and will have responsibility for national cyber-incident management, handling cyber-incidents related to critical national infrastructure, and developing and sharing cyber-threat situational awareness. In this role, it will complement other national CERTs, such as US-CERT, which has existed since 2003, as well as the EU-wide CERT (CERT-EU).
Part of CERT-UK’s task will be to coordinate information and action with existing UK cyber-response teams, including the CSIRTUK team at the Centre for the Protection of National Infrastructure (CPNI); a group within GCHQ’s Communications-Electronics Security Group (CESG) called GovCertUK, which handles security response for government-run and defence systems; CESG’s Comsec Incident Notification Reporting and Alerting Scheme (CINRAS), which handles incidents involving cryptographic material; and Janet CSIRT, which has responsibility for the education and research sectors.
CERT-UK has also been working with the National Cyber Crime Unit (NCCU), launched in October 2013 as part of the National Crime Agency, and is planning to use the cross-industry threat information-sharing portal set up by the UK government’s Cyber Security Information Sharing Partnership (CISP).
CERT-UK will deploy “cyber-readiness” exercises such as the Operation Waking Shark events that have been mounted in the financial sector.
Peter Judge contributed to this report.
Are you a security pro? Try our quiz!
European Parliament votes to adopt Digital Markets Act and Digital Services Act, but campaigners warn…