Police, private sector, MI5 and GCHQ are to form a joint Cyber Security Information Sharing Partnership (CISP) to allow access to shared information.
Allowing all to better coordinate responses to modern cyber threats, the concept is to encourage firms to share information. This follows a successful pilot scheme that included over 160 companies across a range of UK sectors.
Launching the CISP, Francis Maude, cabinet office minister responsible for the Cyber Security Strategy, said: “This innovative partnership is breaking new ground through a truly collaborative partnership for sharing information on threats and to protect UK interests in cyber space.
“The initiative meets a key aim of our Cyber Security Strategy - to make the UK one of the safest places to do business in cyber space. As part of our investment in a transformative National Cyber Security Programme; we are pleased to provide a trusted platform to facilitate this project.”
The concept is a secure virtual ‘collaboration environment' where information can be exchanged on threats and vulnerabilities in real-time, which will be complemented by a ‘fusion cell' that will be supported on the government side by the Security Service, GCHQ and the National Crime Agency, and by industry analysts from a variety of sectors.
The fusion cell will be cyber attack monitoring operations room at an undisclosed location in London.
Welcoming the announcement, former White House cyber security adviser Howard Schmidt, said that the launch of the CISP was an important step in forging an ongoing partnership between industry and government, promoting information sharing by providing the ability to analyse and redistribute information in a timely, actionable and relevant manner.
“In the US, we have seen the emphasis that President Obama has placed on cyber security and in particular steps to protect our critical infrastructure. Many senior leaders in private sector companies are supporting it and recognising it is not only a security issue but a business imperative,” he said.
Terry Greer-King, UK managing director at Check Point, said: “This is a key step forward for both governments and business in fighting web attacks, and reducing their impact. It's essential that organisations collaborate and share intelligence with each other to track emerging threats, mitigate their severity or block them before they cause damage. Fighting threats together is much more effective than fighting alone."
Graeme Stewart, director of public sector strategy at McAfee, said: “Information sharing is imperative to countering cyber threats. As cyber crime itself is global in nature, the need for a strong public-private partnership is critical, and McAfee is broadly supportive of such initiatives.
“We would however like to see the scheme provide outreach to include smaller and SME organisations. This sector makes up the supply chains of large corporate and government organisations and therefore a substantial portion of their risk comes from this supply chain failing to understand the threat posed by nefarious cyber activity.”
Neil Thacker, information security and security officer EMEA at Websense, said: “The collaboration between businesses and government to fight cyber crime can only be commended. Companies need to put aside the stigma associated with being targeted by cyber criminals and understand that its reality. It's not a case of if, but a case of when.
“Only when companies shift away from relying on basic security controls that can be bypassed, can we say that we are making real advances in fighting cyber crime.”