Government intelligence arm GCHQ is to spread information to trusted partners to enable wider defence capabilities.
Speaking at the IA14 event, GCHQ director Sir Iain Lobban said that a new initiative will see it work with industry partners to enhance the protection of UK networks from threats in cyber space.
He said: “Ultimately we’re seeking to use our unique capabilities, and the range of insights gleaned from our intelligence and security work, to offer – at scale and pace – classified information about threats to the UK’s most critical networks.”
He said that this would work with security-cleared personnel in trusted service providers receiving timely and usable intelligence. They will use this privileged awareness to take early action on the networks they manage, whether they be for Government or other critical UK networks, and be able to act “as the UK’s first line of defence in countering cyber threats to the nation from state actors and cyber criminals”.
He said: “The first phase of this initiative is to engage the communications service providers who are vital to delivering HMG’s Public Services Network. But we won’t stop there – we need to ensure the benefits that Government gets from these partnerships are available to a broader community, ultimately raising the protection of the UK as a whole.”
Lobban admitted that the problem can never be solved entirely, and this can only ever be part of a wider defence in depth approach, but he said that it formally marks the start of the use of unique and sensitive expertise and knowledge for defence of the UK’s networks at scale.
“It also aims to build on, not replace, some excellent threat intelligence that is already available from industry and Government,” he said. “In particular, the Cybersecurity Information Sharing Partnership (CISP), now part of CERT-UK, has already delivered valuable support to industry in sharing general threat awareness and advice – making a tangible difference to mitigating threats.
“But this new initiative takes that sharing further than ever before, well beyond our current partnerships, to a more automated, ‘net speed’ enterprise that cyber space demands.”
He concluded by saying that this is about national and economic security, and it’s achieved by developing real, meaningful partnerships across Government and industry. “GCHQ has a strong role to play in supporting the digital economy, whether helping everybody be safer on-line, investing in the UK’s future capability or encouraging and supporting UK industry. It’s a good story to tell that’s getting better month by month.”
