Question
Asked by
To ask Her Majesty's Government which departments are responsible for their assessment of and response to cyber attacks. [HL1915]
The UK's Government Computer Emergency Response Team (GovCertUK) and Combined Security Incident Response Team (CSIRTUK) provide response and analysis to the public sector and critical infrastructure providers respectively. The Centre for the Protection of National Infrastructure (CPNI) and CESG (the national technical authority for information assurance) also provide advice and guidance on electronic attack/cyber attack to the critical national infrastructure and to government departments. Organisations such as the Ministry of Defence also run their own CERTs (Computer Emergency Response Teams).
The Cyber Security Operations Centre (CSOC) was set up in September 2009 with staff drawn from a range of government and other key stakeholders. It provides a hub for strategic analysis of developments in cyberspace, and improving the co-ordination of the UK's response to cyber incidents. CSOC's work will draw together a broad range of sources to enable a better understanding of the risks and opportunities of cyberspace, ensure information is coherently distributed to government, industry, international partners and the public, and help inform strategic decision-making.
The Office of Cyber Security (OCS) was set up at the same time as CSOC to provide coherence and strategic leadership across the Government's cybersecurity policy interests. This includes horizon scanning to consider impact of an evolving cyber landscape for the UK's cybersecurity, and working with partners across government to identify and implement the appropriate policy responses.