Fusion Cell cyber-unit will defend UK business from cyber-attack, Government announces

Crack cyber-spooks handed job

Cabinet Office minister Francis Maude will today announce the Government's futuristic-sounding 'Fusion Cell', a 12-15 person group of elite security experts who will sit in front of screens at a secret location monitoring cyber-attacks against the UK and its businesses in real time.

Launched as part of the Cyber Security Information Sharing Partnership (CISP) meant to connect the expertise of GCHQ, MI5 and Government to the businesses community, the Government hopes Fusion Cell protect businesses from the waves of cyber-attacks that hit them every day.

CISP was trialled to 60 businesses as part of Project Auburn over the last year and has since been be extended to 160 firms, including many in defence, energy, telecoms and key parts of the public sector.

The key job of Fusion Cell is to give participants visibility on attacks as they happen, something that has dogged cyber-defence plans to date.

If it sounds like a James Bond movie directed by the Wachowski Brothers then that is probably the intended effect, but there will also be mundane dimensions to its job.

Firms will be expected to share data on the attacks they are experiencing and offer vetted staff to aid Fusion Cell's work.

"We know cyber attacks are happening on an industrial scale and businesses are by far the biggest victims in terms of industrial espionage and intellectual property theft, with losses to the UK economy running into the billions of pounds annually," Francis Maude said in a trailed statement.

"The initiative meets a key aim of our cyber-security strategy to make the UK one of the safest places to do business in cyberspace."

According to comments made by unnamed officials, the UK Government remains unconvinced by the EU's proposed Network and Information Security (NIS) directive, which would compel companies in critical sectors to report security breaches.

Rather than encouraging openness and sharing, the fear is that EU-wide legal compulsion might have the opposite effect of causing firms to share only what is required, leaving out essential detail.

Notably, in the UK's model, reporting into the CISP using a secure web portal will be confidential.

This difference of emphasis does underline the extent to which the UK's plans are driven by concerns over business security; the EU's anxiety is as much about the effects on citizens.

Last month the UK announced a separate unit, the Cyber Crime Reduction Partnership (CCRP), meant to connect police, security industry experts and academics in the fight against mainly criminal cybercrime.

This was followed up some days ago by a multi-institution academic research unit on the back of a £4.5 million ($6.8 million) GCHQ grant, tasked with finding vulnerabiilites in software.

The Government's concern over cyber-attacks is understandable. According to an MI5 report last year, one London-based firm lost £800 million in revenues after a cyber-attack launched by a foreign state.

Some have criticised the initial scope of the CISP.

"We would like to see the scheme provide outreach to include smaller and SME organisations," commented McAfee director of public sector strategy, Graeme Stewart.

"This sector makes up the supply chains of large corporate and government organisations and therefore a substantial portion of their risk comes from this supply chain failing to understand the threat posed by nefarious cyber activity," he added.

Join the CSO newsletter!

Error: Please check your email address.

Tags Personal TechCabinet OfficesecuritygovernmentGCHQ

More about EUGCHQMcAfee Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts