Four private companies specialising in defence and protection against cyber attacks are to form a “Cyber Incident Response” unit, which will act as a ‘go-to’ for organisations that fall victim to an attack. In the event of an attack, any of the four companies – that will have received prior approval from the British intelligence agency, GCHQ – will provide expert advice on damage limitation and defending against the ongoing cyber threat. While the scheme will initially just be available for public sector organisations, it will potentially be broadened out to include the private sector.
The announcement follows recent news of the GCHQ’s plans to set up the UK’s first academic institute with the aim of protecting against the rapidly escalating cyber threat, evidenced by recent claims from William Hague that the UK is under attack from up to 1,000 cyber attacks every hour.
Paul Davis, director of Europe at FireEye comments: “For far too long businesses and governments have been under a false sense of security when it comes to the cyber threat – indeed, the GCHQ recently acknowledged that enterprises are not doing enough to defend against the ‘real and credible threats to cyber security’. It is this complacency and lack of urgency that has helped to further escalate the problem, as the majority of organisations are now effectively ‘sitting ducks’ in today’s sophisticated IT security environment.
“Finally we are seeing signs that the threat is being taken seriously, and the ‘Cyber Incident Response’ scheme is a positive step in equipping organisations with the necessary tools and knowledge to protect themselves against the growing threat level. This really is vital, as the potential for cybercrime to devastate businesses is vast – indeed, earlier this year the MI5 claimed that one UK business had lost £800 million as a result of a cyber attack. With the global economy in such a precarious position, enterprises can ill afford to suffer the adverse effects – and skyrocketing financial fallout – of an attack.
“As the threat continues to evolve and malware becomes more targeted and advanced, it is up to organisations to ensure that their networks are safeguarded with water-tight security defences and to utilise the expert help and advice that is now on offer. Given the sheer severity of the threat, proactive security as opposed to purely reactive measures, must become a key focus and boardroom priority.”