Skip to main content

Government launches cyber security schemes

Magnifying glass on danger
They're coming to get you

Two government agencies have unveiled a scheme for businesses to get help from specialists in responding to cyber attacks.

CESG, the information security arm of GCHQ, and the Centre for the Protection of National Infrastructure (CPNI), have joined up with the Council of Registered Ethical Security Testers (CREST) to set up a scheme to ensure that companies that provide an incident response service will work to appropriate standards.

CREST will audit the service providers to ensure that they comply with the standards, which it has already defined, and a code of conduct. Businesses will be able to go to the providers to receive help if they suffer an attack.

This will run alongside a small Cyber Incident Response scheme, certified by GCHQ and CPNI, for larger organisations whose networks are important to the country as a whole.

Chloe Smith, Minister for Cyber Security, said: "The best defence for organisations is to have processes and measures in place to prevent attacks getting through, but we also have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help.

"This scheme and others like it, together with the 10 Steps to Cyber Security guidance for business launched last year, are an important part of our effort to provide assistance to industry and government in order to protect UK interests in cyberspace."

Earlier in the year, the Federation of Small Businesses published a report that said many small companies don't devote sufficient attention to cyber security.