The UK computer emergency readiness team (CERT) is expected to be operational by January 2014 following the success of the Fusion cell data sharing concept.
Although it was recently reported
that the team’s announcement had been delayed until next year, Trend Micro president for UK and Ireland Steve Jones told IT Security Guru that it was his understanding that the UK CERT would be up and running in three months. He said: “A plan like this is always going to be affected by a number of variables, but the last I had heard it is all being built up and they are on a recruitment drive and the launch will be in January 2014.
“The Fusion cell is trying to pre-empt this with the basic functions that will help prepare the program with the right technology to log information. There is so much data out there so you need to know what you have got and how to realise what is going on, and what you need to do to reduce the threat and bring extra intelligence to find the perpetrators and bring them to justice.”
Jones said that Trend Micro has been involved in other government projects such as the G-Cloud, security sharing project and Fusion cell, saying that they wanted to make sure that the UK is prepared “for the continued cyber threat”. He said: “The cell group is helping with the global threat intelligence services with the community to find out what is going on within the environment. It is important to recognise that anyone can be compromised and as there is no disclosure law in the UK, we still do not know if someone has been attacked until it is too late.
“So if we can share cyber security information and feed into the community as an active member of Fusion, we can offer information in terms of risk, it is important to get actionable intelligence on an attack.”
Commenting, Brian Honan, head of the Irish CERT said that he was unaware of any news of the UK CERT launch, except that it will be launched next year.
In terms of how this will benefit global CERTS, Honan said: “There are trusted networks which CERTs share information and request assistance in dealing with incidents. There a number of these networks and membership depends on the type of CERT you are.
“So for example there is a specific closed network for Government/national CERTs only. There is a network where all CERTS can join, e.g. in Europe there is the TF-CSIRT, and globally there is the Forum of Incident Response Security Teams. CERTS are vetoed and become members of these networks so they can then share information or request assistance.”
In terms of the right amount of skilled professionals to fill positions within CERTs, Honan said that different type of CERTS would have different people with different skill levels, such as legal experts or technical specialists, legal experts and for most CERTS, these are full time professionals.
“Having more CERTS in the above networks will always help in that the more information that is shared the better chance there is on tackling the criminals,” he said.