Nine virtual neighbourhood-watch schemes have been set up to act as early warning systems against cyberattack
The Office of the Deputy Prime Minister has approved the creation of nine regional IT security information sharing networks to cover all English councils, officials said on 29 September, 2005. The networks, which are likened to a virtual neighbourhood-watch service, enable council IT security specialists to share information on hackers, software vulnerabilities and online threats.
Known as Warning Advice and Reporting Points (Warps) they are to be initiated by the nine regional government offices, although it is hoped that the networks will eventually spring up “organically” among groups of local authorities. The Warps concept has been under development for some time in Whitehall but is now set to be promoted across the wider public sector and small businesses as well as councils. Speaking to Government Computing News, Peter Burnett, head of information sharing and international strategy at the National Infrastructure Security Co-ordination Centre (NISCC) said that the new networks go beyond the capabilities of the existing warning service. Until now, authorities across the public sector have had to rely upon the Unified Incident Reporting and Alert Scheme (Uniras) to get updates on Internet threats.
“The reason we conceived the Warps was because Uniras was asked to look at local authorities, but that is not really its area of expertise,” he said. “We had the choice of allocating more staff to Uniras, but we felt that it was trying to do too many things for too many people. Having these local communities run by and for the people who need the information would be the best way.” Burnett said that the aim was not to replace Uniras, but that the local Warps would supplement the central service.
“The approach is to find the right champion in each region. We need leading local authorities to take this forward â€” we’ve already got Birmingham on board for example.” The scheme is being rolled out following extensive piloting involving the London Connects e-government organisation and local authorities in Kent. Each region is to get Â£50,000 to set up the network, which is being matched by local funds. NISCC is also in initial talks with the NHS to set up similar IT security communities, and is looking to extend the service to police forces via the Police IT Organisation (Pito). A Pito Warp is already in place, as is one covering emergency services in the north-west.
Burnett had earlier promoted the service at an event organised by Kable on behalf of the Cabinet Office Central Sponsor for Information Assurance. He told delegates that he hopes people would use the network to share information on IT security and build trust. “Once one person takes the risk and donates something to others it will hopefully start a whole process of sharing,” he said. “The whole idea is that its relevant to local needs, it allows a community to deliver notifications in any format so that its relevant and easily understandable.
“We want them to become endemic, to just pop up all over the place and to help protect the critical national infrastructure and everyone else,” he said. Burnett was speaking at the first of a series of three road shows – the two other events are at Leeds on 25 October and Cardiff on 31 October.