The Government has appointed former Citigroup e-crime head Chris Gibson as the founding director of the UK’s revamped but delayed Computer Emergency Response Team (CERT), CERT-UK.
Originally meant to be up and running in 2013 as part of the Government’s multi-pronged Cyber Security Strategy overhaul of the UK’s national security regime, delays in finding the right people have pushed CERT-UK’s operation that back to sometime in 2014.
News that Gibson began his job on 11 November is still an important moment.
His pedigree is good, having spent a nearly a decade at a senior level of the international Forum of Incident Response and Security Teams (FIRST), the last two as global Chair. He was also a member of the British Bankers’ Association (BBA) Advisory Panel for a decade as well as being Citigroup’s representative to the Centre for the Protection of National Infrastructure’s Financial Service’s Information Exchange.
“Chris Gibson brings with him a wealth of experience in cyber incident response in the private sector, both in the UK and internationally. His first-hand knowledge and understanding of cyber security will be invaluable as he leads the national CERT, said Francis Maude, Minister for the Cabinet Office.
The UK has had a version 1.0 national CERT structure since 2003 (including GovCertUK) but CERT-UK will have a much wider brief to coordinate incident response across the UK’s entire critical infrastructure.
“By establishing CERT-UK we will build on and complement our existing CERT structures. This will help improve national co-ordination of cyber incidents and act as a focus point for international sharing of technical information on cyber security,” said Maude.
“CERT-UK will be the expert single point of contact for other national CERTs around the globe.”
By interesting coincidence, earlier this week EU security agency ENISA released a report, Detect, SHARE, Protect, outlining the importance of co-ordinating the international response to cybersecurity incidents through national CERTs.
“The increasing complexity of cyber-attacks requires more effective cross-border information sharing among Computer Emergency Response Teams. Effective information sharing saves time and effort in incident response and post-mortem analysis. It also increases synergies and aligns the best practices among the CERTs,” said ENISA executive director, Professor Udo Helmbrecht.
With ENISA’s remarks directed at lagging nations, the boosted systems of CERT-UK should arrive in the nick of time.
Influenced by the UK’s experience in protecting the Olympic and Paralympic Games in 2012, CERT-UK is only one part of what amounts to a complete rebuilding of the UK’s national security infrastructure almost from the ground up.
This has turned into a complex jigsaw puzzle that includes a Cyber Incident Response Unit within GCHQ, the Centre for the Protection of National Infrastructure (CPNI), and the setting up of the National Cyber Crime Unit within the new National Crime Agency (NCA).
Other elements include HMRC’s Cyber Crime Team, national crime reporting initiative Action Fraud, and even the development of a Cyber Reserve force of computer experts to protect the UK against threats.