Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > July 2007 > 3268 - A new mechanism for advisory distribution and security incident reporting to CSIRTUK

July 2007

3268 - A new mechanism for advisory distribution and security incident reporting to CSIRTUK

ID: 3268
Date: 24 July 2007 14:23
Title: 3268 - A new mechanism for advisory distribution and security incident reporting to CSIRTUK
Abstract: This advisory describes the function of CSIRTUK (CPNI Combined Security Incident Response Team), how its community can report security incidents and the new method of distributing security advisories using RSS Feeds.  

Source: CSIRTUK
Reliability of source: Trusted

Introduction

On the 31 January, the Final UNIRAS Briefing was issued advising its community of various changes in the provision of protective security advice with the creation of the Centre for the Protection of National Infrastructure (CPNI). It commented that the CPNI website would be the main source of its advisory material using a new distribution mechanism. This new mechanism has now been implemented and detailed below.

Detail

CPNI is introducing a new mechanism for issuing advisories about computer security incidents.  In keeping with its holistic approach to protective security matters, the new mechanisms will encompass physical and personnel security issues as well.

When it was formed on 1 February, CPNI absorbed virtually all of the duties of the former National Infrastructure Security Co-ordination Centre (NISCC).  Amongst these was the UNIRAS service, the UK Government Computer Emergency Response Team (CERT) that was responsible for receiving, reviewing, and responding to computer security incident reports, providing advisories and related activity.

Although the UNIRAS brand was dropped on 1 February, CPNI has continued to run a CERT for its partners in the private sector who operate elements of the National Infrastructure, ie those elements of the infrastructure that are crucial to the continued delivery of essential services to the UK.  This service is provided by a part of CPNI known as the Combined Security Incident Response Team (CSIRTUK). At the same time, CESG assumed the responsibility for running a CERT serving UK Government Departments and the wider public sector.  This is called GOVCERTUK (www.govcertuk.gov.uk).

CPNI believes that the approach to security should be holistic - covering the three disciplines of physical, personnel and electronic issues.  In addition, its strategy is to make its advice as widely available as possible.  Accordingly, CSIRTUK advisories are now available via an 'RSS' feed on the advisories page of the CPNI website.  The current CSIRTUK Email advisory system will eventually be discontinued. Another RSS feed on the CPNI main page will alert the community to any changes in other areas of the website. Anyone, from a major infrastructure organisation to the private citizen, may use these feeds to receive CPNI material.

An important part of security risk management is to learn from the experiences of others.  Accordingly, via CSIRTUK, CPNI would like to hear about potential security vulnerabilities, incidents or events, whether in the electronic, physical or personnel security spheres from National Infrastructure organisations. This information will be treated as confidential, suitably sanitised to remove particulars that would identify individuals or organisations, and incorporated into generic security advice. In this way, the many can learn the lessons of the few.

By enhancing the traditional CERT role to cover holistic advice, CSIRTUK will provide a central point to which CPNI encourages its community to report security incidents and from which they can receive advice and guidance.

The CSIRTUK Help Desk can be contacted via the following email address - csirtuk@cpni.gsi.gov.uk.  Sensitive information should not be sent via unencrypted email. Contact the Help Desk for advice about how sensitive information can be sent.

CSIRTUK does not provide advice in relation to criminal activity. You should report such incidents to your local police force. If the incident relates to an imminent threat to life or property, then please contact the police on 999 or, if the incident is believed to be related to terrorism, the police Anti-Terrorist Hotline on 0800 789 321.

CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.

  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |