Government and industry form united front on cyber security

The ‘fusion cell’ initiative adopted by the Government’s Cyber Security Information Sharing Partnership (CISP) – the new government and industry project to share information and intelligence on cyber security threats – will provide an enhanced picture of cyber threats facing the UK.

For the first time, cyber security experts from industry will operate alongside government intelligence agencies in an attempt to combat online crime.

The concept has its origins in the US fusion centre – a crime and terrorism prevention and response unit that enables information sharing between multiple agencies. This initiative originated in the US following the ‘intelligence failure’ of 9/11 to address the challenges of multiple disparate agencies being unable to effectively share information.

Joanne Taylor, director of public security for business analytics software specialist SAS, says the basic principles of fusion centres are to “collect information from all available sources, vet the information, analyse it in order to identify trends, patterns and threats that may indicate planned or ongoing criminal activity or terrorism and share that information among all concerned parties”.

This will be the aim of the fusion cell complementing the CISP, which will be supported on the Government side by the Security Service, GCHQ and the National Crime Agency, and by industry analysts from a variety of sectors.

It will provide a solution for the difficulties police face in the transition from tactical to strategic analysis, which requires the ability to view disparate pieces of information and recognise trends within them.

According to Peter Ship, intelligence specialist at the SAS-owned crime and intelligence software provider Memex, “intelligence sharing has moved on vastly over the past few years but it will always evolve and the attitude to the IT required and its benefits in gathering information need to evolve too to ensure police have a 21st century tool for combating 21st century crime”.

In his White Paper, The Future of ‘Fused Intelligence’ in the Fight Against Terrorism, he explained: “Data fusion centres are a fresh concept in the US in gathering and analysing information, integrating a variety of government agency and private sector information and intelligence to provide a more accurate picture of potential risks. The US’ approach of identifying the best analytical tools on the market and utilising these systems has allowed them to form an information sharing network which is ahead of the UK.”

In the same vein, the CISP’s aim is to help the Government and private sector firms share confidential information about current cyber security threats and how to manage them. The partnership introduces a secure virtual ‘collaboration environment’ where government and industry partners can exchange information on threats and vulnerabilities in real-time.

Cabinet Office minister Francis Maude claimed the partnership is “breaking new ground” by allowing firms to pool resources in the fight against cybercrime.

“We know cyber attacks are happening on an industrial scale and businesses are by far the biggest victims in terms of industrial espionage and intellectual property theft, with losses to the UK economy running into the billions of pounds annually,” said Mr Maude. “This innovative partnership is breaking new ground through a truly collaborative partnership for sharing information on threats and to protect UK interests in cyberspace.”

The CISP builds on a pilot of the scheme last year that involved 80 private sector companies. This has since been expanded to 160 companies from the defence, pharmaceuticals, telecommunications, finance and energy industries with more expected to join in due course.

Speaking at last week’s launch, Howard Schmidt, former White House cyber security adviser, said: “In the US, we have seen the emphasis that President Obama has placed on cyber security and in particular steps to protect our critical infrastructure.