Cumbria Constabulary has become the first police force to use the National Management Centre (NMC) for cybersecurity set up under the National Police Chiefs’ Council (NPCC).
It went into operation this week with an initial monitoring service that scrutinises the force’s cloud-based IT estate, and the programme team is now working on a phased implementation programme to bring in other forces across England and Wales.
The NMC has been set up under the National Enabling Programmes (NEP), which are aimed at harnessing digital technology to transform policing and funded within the £100 million contract awarded by the NPCC to BT and Deloitte in November of last year to support the programmes.
It is managed by a NEP team and provided by BT as a police-specific facility in its existing security operations centre, with dedicated teams of cyber professionals. Deloitte is acting as the client delivery partner and leading on the implementation.
The NMC uses a range of security tools, technologies and a team of analysts to monitor the IT environment for unknown and evasive cybersecurity threats.
A spokesperson said: “Together they will help ensure these threats can be locked down and eliminated before they cause damage and disruption. The facility operates 24 hours a day, seven days a week, 365 days a year, and the intention is for it to be rolled out to all police forces across England and Wales.”
It will be implemented in two phases. The first, now used by Cumbria Constabulary, provides the monitoring service and can generate alerts on a near real-time basis if there are any indications of potential security attacks or suspicious behaviour, providing nominated contracts with the force’s security operations team with information to mitigate threats.
Under the second phase, over the coming weeks, operations will be expanded from covering the force’s cloud infrastructure to its on-premise systems.
The spokesperson said that the NMC’s services will be expanded over the next few months to provide a comprehensive, pro-active security capability.
Its implementation is the first step in the NEPs, which have been developed to respond to some of the priorities set out in the Policing Vision 2025 strategy. These include using technology to improve productivity and harnessing identity and access management to give the appropriate people access to online resources without compromising security.
BA, Marriott Face Massive Fines For Data Loss
If proof was needed that poor data protection is bad for the corporate wallet, two examples have demonstrated that substantial fines face those organisations that have lax data security.read more
Cumbria First Police Force To Utilise NMC Tools
Cumbria Constabulary has become the first police force to use the National Management Centre (NMC) for cybersecurity set up under the National Police Chiefs’ Council (NPCC).read more
Phishing Attacks Bypassing 2-Factor Authentication
Penetration testers and attackers have a new tool in their arsenal that can be used to automate phishing attacks in a way that defeats two-factor authentication (2FA) and is not easy to detect and block, reports CSO Magazine.read more
Third of Breaches Caused By Unpatched Vulnerabilities
IT security professionals have admitted that a third of cybersecurity breaches are the result of vulnerabilities that they should have patched.read more