Spy agency GCHQ launches cyber incident response scheme

Government spy agency GCHQ has unveiled a cyber incident response scheme that is intended to help public-sector organisations that form part of the UK's critical national infrastructure in dealing with cyber attacks.

The pilot scheme, which was launched by GCHQ's information assurance arm CESG and the Centre for the Protection of National Infrastructure (CPNI), is primarily aimed at the public sector, but may also help private-sector organisations.

Data intelligence provider BAE Systems Detica and security providers Cassidian, Context IS and Mandiant were selected by CESG/CPNI to work in partnership to provide the appropriate services to organisations certified by CESG/CPNI to respond to cyber incidents. 

The scheme will build on the GCHQ's Cyber Security for Business programme, which it launched in September, which aims to help business leaders in their attempts to tackle the growing threat of cyber attacks. 

Both schemes come after the Intelligence Security Committee stated that UK cyber security is inadequate, despite the government spending £650m over a four-year period from 2010 on the National Cyber Security Programme (NCSP).

In a statement, Chloë Smith, minister for cyber security, said that with cyber threats growing it was inevitable that some attacks would be successful, where basic security is either inadequate or should an organisation be specifically targeted by a highly capable attacker.

"Together, GCHQ, CPNI, the incident response industry, and victims of cyber attack can improve the cyber security of the UK; that is good for security, good for business and good for the UK's prosperity," she said.