The City of London Police recently launched a new initiative to offer threat briefings, incident response training, and other guidance to businesses located in London's Square Mile to help them secure themselves better from cyber-threats.
The launch of the initiative, dubbed Cyber Griffin, takes place at a time when the force is routinely inducting Special Constables to assist with policing in the Square Mile. These officials are being trained as per a new ‘gold standard' scheme of recruitment, training, and development and many of them are specialised in cyber and economic crime. The force hopes to increase the number of Special Constables in its ranks from 53 to over 100 in the coming days.
As part of the Cyber Griffin initiative, specially-trained officers from the City of London Police are taking a community-based approach to help businesses located in the Square Mile secure themselves from cyber-attacks. This approach includes offering free-of-charge threat briefings to arm individuals from all levels of business with basic skills to fight cyber-crime, and helping members of the business community to network with each other and share best practices.
"Although cyber-criminality challenges traditional policing as we know it, we are now more capable than ever to tackle the problem. However, it's imperative we work with our local community to do this, especially in such a unique area as the City of London which is full of businesses who have the potential to be the target for a cyber attack," said Sergeant Charlie Morrison who is leading the Cyber Griffin delivery team.
"Cyber-criminals specialise in looking for the weak spots in our security. Cyber Griffin therefore is about basics done well. Through briefings, incident response drills and expert guidance, the aim is to get the fundamentals right every time. In this case the best offence is a good defence," he added.
Specially-trained officers who are part of the Cyber Griffin delivery team are not only offering basic cyber-security lessons to those in the business community who have little or no idea about the cyber-threat landscape, but are also imparting advanced response techniques to IT professionals and more senior members of business.
They are also forming advisory groups composed of a wide-range of experts from industry and the private sector who are capable of providing valuable insight to less experienced members of the business community. Dedicated groups composed of people with experience in cyber-security and threat intelligence are also being created to offer guidance and solutions to businesses with little or no experience in such fields.
"As criminals working in cyber-space become more sophisticated, it's important we all have at least basic skills to combat those that seek to do us harm. Through this initiative the police and industry can work together to share skills and knowledge to protect ourselves from this evolving crime," said Ian Dyson, City of London Police Commissioner and National Policing Lead for Economic Crime.
Commenting on the new initiative by the City of London Police, James Hadley, CEO & founder of Immersive Labs told SC Magazine UK that while a resilient cyber-strategy is fundamental for the Square Mile to ensure business as usual, the same can be achieved via continuous improvement through identifying weaknesses, and up-skilling staff in order to plug the skills gap within an organisation.
Bill Evans, senior director at One Identity, said that while the structure of the initiative is sound, the UK police allocates very little money for the training of officers which is about 33 GBP per police officer or about 11 GBP per police officer per year. "I can tell you that 11 GBP per year does not a cyber-security expert make," he said.
"What's needed is investment on par with the magnitude of the threat. This includes a national, coordinated effort where the resources of government, including police forces, the intelligence community and security professionals from the private sector coordinate activity to share information and best practices to defend the data of the citizenry," he added.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout