Ten new UK Cyber Resilience Centres to open


Based on the Scottish model, 10 new centres in England will promote cyber-security measures for business

Ten policing cyber resilience centres are to open in the next 15 months to help businesses prevent cyber-attacks as well as support those organisations that are affected by data breaches.

Consultancy company Business Resilience International Management (BRIM), will work with police to deliver new Cyber Resilient Centres following an extensive EU tender procurement process.

The £300,000 procurement contract, which lasts for a period of 15 months, will see BRIM deliver ten of these Policing Cyber Resilience Centres.

BRIM is expected to be able to deliver a similar model to the Scottish cyber-resilience model, which been already been delivered for the Cyber Resilience Centre for Greater Manchester and the North East Business Resilience Centre.

In Scotland, the The Scottish Business Resilience Centre works hand in hand with the single police service (Police Scotland) to deliver prevention advice to business.  The centre exists to create an environment where business can trade securely, regardless of size and sector and works closely with its partners, members and stakeholders to help make Scotland a more resilient and safer place to live and work. It offers a wide range of services and advice covering all aspects of business resilience. 

Based on the SBRC model, a Cyber Resilience Centre (CRC) is a police-supported initiative that creates a cyber-resilience collaboration between police and business. It offers an affordable, practical way to address the increasing curve in cyber-crime by opening a dialogue between the public and private sector to prevent and address the threat from cyber-criminals. 

For businesses, a Cyber Resilience Centre provides a dedicated point of contact on cyber-crime and access to services that can support them in becoming cyber-resilient. The CRC therefore becomes a resource hub that further increases business confidence in the ability of the police to deal with cyber-crime, thus encouraging increased reporting and collaboration.  

For the Police, having a Cyber Resilience Centre provides a central point to focus the tools, information and expertise to help prevent cyber-crime and deal with cyber-criminals. In an increasingly sophisticated digital environment, the CRC models also facilitates police access to high-level, cutting-edge cyber-skills in an affordable way through the association with Ethical Hacking students.   

Currently the main customer is Derbyshire Constabulary where Chief Constable Peter Goodman is responsible for the NPCC Cyber portfolio for the UK.

The model will deliver three different elements which includes; the set up and governance of a board as an independent organisation combining police, academia and business, provisioning of commercial services through working directly with regional universities and live students, and it will work directly with the policing cyber model to support business to be a part of these models.

IASME, which delivers the preferred Cyber Essentials model across the UK, will also play an active role in the delivery of this contract.  IASME is also the National Cyber Security Centre’s sole Cyber Essentials Scheme Partner from April 2020 onwards.

BRIM CEO Mandy Haeburn-Little said the tendering process was "lengthy and at times exhaustive".

"We are absolutely delighted that we will be able to develop further the model which has been successful in other parts of the UK and look forward to continuing to work very closely with partners in all areas of policing including the Protect Network, the cyber-security industry, the SBRC and IASME," she said. "We are delighted that our model was recognised above other submissions and really looking forward to getting started."

As reported by SC Media UK, Goodman said at the CSC19 conference in Monaco that it is important to "get an understanding of the concerns of CISOs in private industry and their perspectives, the commercial imperatives they face, including when it comes to reporting cyber-crime".

"Our role is to assist, support and get business up and running and exfiltrate the information we require.  Often we are not looking for a criminal investigation if that’s not in accordance with the wishes of the victim," he said.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews