London-specific threat-intelligence launching via Mayor's office initiative
London-specific threat intelligence is to be provided to businesses in the capital, possibly as early as next month, via an innovative independent body combining the police, government and the private sector, instigated by the Mayor's office.
This new independent company, the London Digital Security Centre (LDSC) Programme, has its soft launch in June and expects to be fully operational and formally launch by October, based in accommodation provided by BT, at Broadway, opposite New Scotland Yard. It has effectively taken what was the cyber and e-crime aspect of a broader remit at the Scottish Business Resilience Centre (SBRC) and will focus on SMEs – in the 1 to 200 employee range.
The LDSC is headed up by Mandy Haeburn-Little, who is also chief executive of the Scottish Business Resilience Centre, and whose model – which has been underway in Scotland for the last three and a half years – she is bringing to London.
There are currently 19 staff and at full complement there will be about 25, with secondment from the forces and private sector including two from the City of London Police, six to eight from the Metropolitan Police, Operation Falcon team; two from RBS; two from Barclays, three full-time ethical hackers and others available on an on-call basis; links to the mayor's office with a manager, and a permanent events coordinator.
Talking to SCMagazineUK.com in City Hall, Haeburn-Little explained the reasons behind the initiative: “A survey of London SMEs by the mayor's office last year showed that there was a lack of confidence among the business community about the police's knowledge of cyber-issues and what happened when they were reported. Secondly there seemed to be concern about how the three different bodies – the National Crime Agency, the City of London Police and the Metropolitan Police – worked together, and thirdly there was a general lack of knowledge of what they needed to do to be more resilient.”
The NCA, which works with SBRC in Scotland, recommended the organisation and its approach, both for its leadership of digital resilience, but also for communication between policing and business. Haeburn-Little adds: “[Cyber-crime] is not going away. You can't expect police to manage all of the threats faced alone – it's not feasible – we need to approach it in a different way. We want to bring the successful and cost effective model used in Scotland to London, including partly using Scottish skills. We work with ethical hacking students who are able to provide services at 10 percent to 20 percent of the cost of normal commercial alternatives, making them accessible to smaller companies.”
For example, providing a person's complete digital footprint costs somewhere between £250 and £350, and pentests between £1,500 and £2,000 – which is an enormously discounted rate.
Funding is partly from the mayor's office, as well as private sector contributions and charging for student hire, but it's not intended to become a money-making machine, rather it's subsidising smaller businesses, putting that money back into London. The budget for the entire Scottish centre is about £1 million and the London operation is expected to be a similar cost when fully up and running, though starting with less. The low cost is due to the partnership approach, with several technical security companies giving their training materials and education materials free of charge.
“We've had offers from Sophos and NCC Group with the marketing of what we are doing. Barclays are offering training to Project Falcon officers, RBS are offering specialist training as well – all free of charge. Further trusted partners are sought - even for one day per week,” says Haeburn-Little, with skills still needed including knowledge of fraud (tech or financial institutions); broader military and defence; and marketing.
SMEs make up 99.8 percent of all private sector companies in London, some 932,500 SMEs within the city, and of those, 70 percent employ one person, often working from home – so they need to be communicated with in a completely different way.
Haeburn-Little comments: “If we talk about cyber they don't get it – I've seen people physically walk away. So it needs terminology that is very simply about creating better business profits, and about processes that will help them to achieve that. With issues such as phishing getting more and more sophisticated, it's really hard for people. No one wants to feel stupid. It's about helping people to feel more confident.”
On the London-specific threat intelligence, Haeburn-Little told SC: “The NCA is continually scanning the international threat level, the City of London police are already scanning London vulnerabilities and the private sector is beginning to offer us feeds here, from some of the big technical providers who are doing their own scanning – then we'll be able to produce London-specific intelligence for business which will be able to say the types of attacks which are happening, and these are vulnerabilities you ought to keep an eye out for. At the Met, the project Falcon officers and the City are seconding officers in, in the same way that Police Scotland has for the Scottish Business Resilience Centre, and they will work with us as advisors to business.
“I think it will take time to get to (the level of specific threats, such as known bad URLs) but that's what we'd like to have. There is an issue of immediacy. There's no point us producing information that you could just go and get on the internet. We've got agreements using the CSSE model set up and used during the Olympic games. They have, say, 120 industry sector leads – and it's a cascade system of secure messages, nobody changes the message, and the LDSC board have agreed to use this for ongoing digital awareness across London. This becomes more and more important and the intelligence becomes more important.”