In the last 12 months, there have been an unprecedented number of high profile cyber-attacks that hit the media – Yahoo!, Democratic National Committee, Bangladesh Bank, Lincolnshire and Google NHS and the most recent WannaCry ransomware attack which affected numerous countries worldwide on 12 May 2017.
A report by the Government’s Office of Cyber Security estimates that cyber-crime costs the UK £27 billion a year. The same report stated that:
“Our society is now almost entirely dependent on the continued availability, accuracy and confidentiality of its Information and Communications Technology (ICT). We need it for our economic health, for the domestic machinery of government, for national defense and for our day-to-day social and cultural existence” [1].
Information is a key organisational asset and its security is of paramount importance to reduce risk to business processes, reputational damage and loss in confidence of customers and citizens. Where this has been compromised, it has resulted in significant issues for the organisations concerned and is increasingly reported by the media.
iNetwork offers its membership support through access to the North West Warning, Advice and Reporting Point (North West WARP). The North West WARP is a trusted community for those concerned with their organisation’s information security. It provides a forum for members to learn from peers and experts within and outside of the group. Members are able to confidently receive and share up-to-date advice on information security threats, incidents and solutions. It is designed to facilitate appropriate vigilance, in a timely and cost effective way.
The WARP is made up of three main parts:
- Filtered Warning Alerts Service: The WARP takes in information feeds from trusted sources [including NCSC and major software networking suppliers]. The warnings and advisories are measured against each subscriber’s profile to provide a filtered service of relevant information customised for each subscriber.
e.g. NWWARP was able to send out early warning to members of the 12 May WannaCry ransomware attack prior to this information hitting the news. This gave members the heads-up and allowed them the opportunity to take early, appropriate and necessary action.
- Advice Brokering Service: a trusted forum where members can seek advice from experts within and/or outside of the WARP. This includes opportunity to attend 4 face-to-face meetings a year which are supported by DV CLAS Consultant. In addition, there is access to a number of national discussion forums accessed by WARP members and information security professionals across the country.
e.g. Prompt dissemination of advice and guidance: NWWARP was sent guidance documents from National Cyber Security Centre (NCSC) and NHS Digital which was forwarded onto members, on the Monday following the Friday cyber-attack.
- Reporting Point – Trusted Community: a forum for members to share their security incident experiences and obtain best practice advice. This strand continues to develop as the WARP attains a certain level of maturity and trust amongst members.
e.g. NWWARP received notification of the ransomware attack prior to this hitting the press and was able to send out early notification to members.
Organisations need to take steps to safeguard their information assets and being part of the North West WARP is one of the ways to take proactive steps to do this.
Who can join
The North West WARP is designed to serve Local Authorities, NHS Trusts, Health organisations, Fire & Rescue Services, Police, and Housing Associations within the North West region that also subscribe to iNetwork.
Each organisation is invited to nominate two representatives. It is envisaged that these individuals will have responsibility for information security matters in their organisation. Typically he/she may be in one of the following roles: Information Security Manager, Cyber Security Manager, Information Governance Manager, IT Security Manager, Head of IMT, etc.
If you would like to find out more information about the WARP and benefits for your organisation, please follow link: https://i-network.org.uk/services/warp/
If you would like to schedule a telephone call to find out how you get join, please contact Ajike Alli-Ameh at ajike.alli-ameh@tameside.gov.uk
[1] http://www.cabinetoffice.gov.uk/sites/default/files/resources/THE-COST-OF-CYBER-CRIME-SUMMARY-FINAL.pdf