UK government plans new cyber-security initiatives
The British Government will announce next week a raft of major IT security initiatives in response to the increasing threat posed by electronic attacks on government and corporate systems. On 22 June, the National Infrastructure Security Co-ordination Centre (NISCC) - the government body charged with securing the UK's critical national infrastructure - will launch a new initiative to accelerate the roll-out of warning, advice and reporting points (WARPs) across the UK. Next week's announcement will see the launch of a purpose-designed toolkit which will be freely available to any organisation or community that wishes to set up their own WARP. Each WARP is intended to act as a trusted information exchange, enabling details of electronic threats and attacks to be disseminated rapidly to a small and focused community of users. The toolkit, which will be ready to download at a new www.warp.gov.uk website, will include sample security policies, presentations and guidance, as well as software that organisations can use to operate their WARP service. The software has been donated by Microsoft as no cost to the British Government and will be available for non-commercial use. Speaking at the British Computing Society IT security conference last week, NISCC Director Roger Cumming expressed his belief that "WARPs will become endemic across the UK and beyond." In a separate and equally significant development, the government is also planning to announce shortly a UK “kitemark” scheme for certifying the suitability of vendor IT security products. The initiative is being developed by the Central Sponsor for Information Assurance (CSIA), a unit of the Cabinet Office designed to bring together security expertise from across government. The scheme will effectively kitemark a set of approved vendor IT security products, providing users with assurance that a solution can fulfil a particular need. The move follows a perception in Whitehall that existing schemes for assuring the security claims of vendor products - for instance, the international Common Criteria certification - have become too “high-level” for standard users. "We are aware that Common Criteria and other schemes have their roles for higher levels of assurances," commented Harvey Mattinson, head of accreditation for the CSIA. "While they have their rightful place, what concerns us is that the majority of users in UK plc need something to which they can better relate. The aim is to develop a methodology that will give people confidence that a product does what it says it does." Mr Mattinson added that the CSIA had committed to working in close partnership with representatives from the IT industry and government to ensure the scheme's success.
Reproduced from an article published by DMeurope.com
© DMeurope.com
The original article can be viewed here:
http://www.dmeurope.com/default.asp?ArticleID=2051
Permalink Bookmark Digg this story
