In 2003 the landscape of the world was different.
Mobile phones were just beginning their diet and could weigh down even the lightest of handbags. Labour were in power and the internet was in its infancy, with email, search and the instant streaming of videos just emerging from the drawing room. It was a time of discovery and realisation. Whilst these advances in technology would push society forward quicker than ever before, they also carried with them a dangerous undercurrent.
Hackers saw these developments as an opportunity. Over the last fifteen years they have grown and evolved to the point today where they are able to bring an organisation like the NHS to its knees. They exploit vulnerabilities and in 2018 more than 40% of businesses in the UK reported some form of cyber security breach in the last year. This does not take into account the number of un-noticed security breaches.
As quickly as defences are created, they are topled and so it is a constant battle to stay ahead of the hackers and enable constant vigilance. One of the ways in which organisations can stay ahead is by sharing best practice. By coming together and sharing stories of attacks and how they were propelled, the learning time between attack and remedy can be shortened. You can recognise common tactics and arm your employees with the means in which they need to repel any intrusions. Cyber threats will never be truly eliminated but they can be managed.
Information Security for London (ISfL)
In April 2003, ISfL was launched with the express purpose of creating a community of like minded individuals that were connected by ICT. More specifically, information security and the growing threat to corporate infrastructure. That year the first WARP was assembled and no, not the warp drive that you associate with Star Trek, the premise of the WARP was that it would be able to offer its members three core services:
WARNING – a feed of filtered notifications about current threats and vulnerabilities
ADVICE – facilitation of information sharing and good practice
REPORTING – a means by which members can report incidents to the WARP operator for anonymous sharing
This pilot community was set up by utilising the knowledge contained within the London boroughs. It continues to this day to make a difference and share the knowledge contained within by pooling the knowledge and experience of its members. In this way ISfL makes the most of shared knowledge and experience, saving time and money. They collaborate wherever possible, with other public sector organisations, whilst also sharing and learning from the private sector.
Hytec Information Security have been a firm friend to ISfL and admire their achievements, especially the ISfL Protective Marking Methodology and the ISfL BYOD Toolkit. These have raised skills and awareness in the areas of information assurance, governance and security. It is with these reasons in mind that Hytec was honoured to sponsor their November meeting, in addition to being provided with the opportunity to speak to their distinguished guests.
ISfL and Hytec - November Meeting
Hytec took full advantage of the opportunity, presenting the merits of the Managed Security Service to all those in attendance.
This solution has been created off of more than 20 years' experience and resonated with all the members. With ISfL being able to trace its origins back, nearly as far as Hytec, there is an unspoken bond of confidence between the two organisation's. Both believe in sharing knowledge to grow and learn, with the Managed Security Service being the exact personification of this. The service significantly enhances the protection of systems/data, helping organisations to achieve compliance requirements and ensuring appropriate security mechanisms are in place.
It draws on knowledge from professionals across the world and provides unparalleled access to 24/7 support, which encapsulates the mission statement of ISfL. In addition to providing support throughout the day, the service also continually draws from an online database of best practice. What does this mean? It means that if a particular virus is discovered in America, then it can be uploaded to the database and then the powerful AI can screen it out from proceedings. This continual learning process, combined with 24/7 alerts and experienced staff that are continually following best practice guidelines and sharing knowledge, is the future of cyber security. We are stronger together and it is with this in mind that the delegates praised the presentation and were eager to find out more.
Hytec will be attending other ISfL events in the future and look forward to being involved with the development of security operations in London.