Robert Flanders, Cyber Programme Technical Lead talks about sharing cyber expertise and cross government collaboration.

Sharing Cyber Expertise

Cyber Security skills and capability are both key areas in which the Home Office is investing. As we do so, we have a responsibility to the tax payer to ensure that the capabilities we deliver are value for money and deliver proportionate risk reduction.

With the support of the National Cyber Security Programme funding, we’ve been exploring several, more cutting-edge cyber security capabilities, with a view of not only increasing our protective capability but also ensuring that we invest money wisely. These areas are:

- Threat intelligence

- Threat hunting

- Digital risk and intelligence

Collaboration

To achieve this, we engaged with several different stakeholders from government departments and industry partners to understand what their current capabilities looked like. We held numerous discussions to probe them on whether it was difficult to stand up their capability, recruit resources with the correct skillset, whether there were any challenges funding the capability and engaging senior stakeholders, as well as which technical tools they were using and if these were providing value.

The conversations were insightful, and all stakeholders were willing to share stories and help each other along our individual journeys to cyber security maturity. Through these engagements, we have formed and enhanced pivotal relationships with key partners across government and industry, with whom we will continue to work collaboratively in the future.

Whilst we can’t discuss on a public blog exactly what we have deployed, we have been able to bring our learnings together into a set of guides for others who may be interested in these areas.

Detecting the Unknown - A Guide to Threat Hunting v2.0

Cyber Threat Intelligence A Guide For Decision Makers and Analysts v2.0

Controlling Your Exposure - A Guide to Digital Risk and Intelligence v2.0

These documents are aimed at both Cyber Decision makers who may have an interest in these areas, or practitioners who are looking to manage or deploy capability. We are sharing these documents to enable others (both public and private sector) to tackle these issues*, and in doing so improve the security of the UK as a whole. We are very grateful to Cabinet Office, NCSC and our other collaborative partners who assisted us in creating them.

Looking forward

Countering the adversary across the UK is a team sport. The Home Office is keen to engage with others in the public sector to share further lessons on this and other topics. If you have comments on the paper, or want to speak to us about the topics explored:

CTIPlaybook@homeoffice.gov.uk

*N.B. This content is a view from one perspective only – NCSC guidance, in particular the minimum cyber security standard should be read and actioned first