GCHQ names companies charged with cleaning up UK cyber-attacks

Two schemes will provide response services to any business suffering an attack

CESG, the information security arm of GCHQ, has announced the companies that are going to be responsible for responding to and cleaning up some of the UK's most serious cyber attacks.

Two schemes have been set up to help companies and those responsible for the UK's national infrastructure better cope with the increasing challenges posed by cyber warfare.

CESG is working with the Centre for the Protection of National Infrastructure (CPNI), in collaboration with the Council of Registered Ethical Security Testers (CREST), the professional body representing the technical security industry.

The first scheme - Cyber Incident Response (CIR) - will deal initially with sophisticated, targeted attacks against 'networks of national significance', and will be supported by BAE Systems Detica, Context, Mandiant, MWR and SecureWorks.

Whilst a second scheme - Cyber Security Incident Response (CSIR) - is aimed at protecting against any other cyber attacks affecting both private and public sector organisations, and will initially be supported by BAE Systems Detica, MWR InfoSecurity, PwC and Verizon.

"The CSIR scheme gives the buying community confidence in the integrity and competence of the CREST certified companies they can turn to for help following an attack," explains Ian Glover, president of CREST.

"I congratulate all of the companies that have now been accredited because it certainly hasn't been a trivial, box ticking matter. The bar has to be set high if we are to ensure that cyber security incidents are dealt with properly and effectively."

MPs on the Home Affairs Select Committee recently claimed that the UK is losing the war on online criminal activity and said that the government is too complacent in targeting cyber criminals. It has also been criticised for its vague response to some of the questions posed by January's Defence Select Committee report on cyber-security.

Tags: infosec, security, MWR InfoSecurity, BAE Systems, Mandiant, public sector, GCHQ, IT Business

The important issues in Information Security today.

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Enterprise Security for Endpoints

Think your endpoints are secure? Think again. Learn why Trend Micro can help.

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.