|
Sharing safety information |
|
Warning, Advice and Reporting Points (WARPs) play a valuable role in staying on top of information security threats
 Warning, Advice and Reporting Points (WARPs) have been operating for six years. Starting with a trial serving the 33 London boroughs, the WARP concept is now an established aspect of Local Government Information Assurance in many parts of the country. However, WARP are not exclusive to the local government sector. There are now 15 active in the UK and in 2007 the concept was “exported”, with the creation of the first overseas WARP by the electronics giant Hitachi in Japan. More recently a WARP has been set up for the Irish Republic.
Each WARP is made up of members that have a collective interest. This could be a common business sector, geographic location or other common factor. In the public sector WARPs exist for local government and the health sector, in the private sector BT has a WARP and in the voluntary sector the Radio Amateur’s Emergency Network has a WARP.
Trust is everything
Trust is a key aspect of the programme. It is recommended that a WARP should consist of less than 100 members; more typical is 25-50. In this way members will get to know each other and develop the trust essential to enable a genuine sharing of experiences without fear of consequences. Each member typically represents an organisation (e.g. a local council).
WARP was instigated by a government department, the Centre for the Protection of the National Infrastructure (CPNI). Their role is to safeguard the physical, personnel and information security of the UK National Infrastructure. The growth in local government WARPs was aided by initial funding from the Office of the Deputy Prime Minister.
The functions of a WARP
WARPs have established relationships with national government Computer Emergency Response Teams (CERTs). In the UK these are GovCERTUK and CSIRTUK (CSIRT is a computer security incident response team, a variation on a CERT). Essentially, a WARP performs three major functions:
- issuing warnings and news on information security threats, vulnerabilities and exploits. Importantly, members receive only the information that they request. This is achieved via automatic filtering software that they input their choices to. These alerts can be reworded to ensure that they are appropriate for the member audience.
- advice via regular face-to-face and virtual meetings for the sharing of experiences, best practice and access to a network experts in information security
- a reporting point for information security incidents
Local councils have been going through the process of Government Connect. This is a programme to create a secure network between central government and every local authority in England and Wales (Scottish local authorities have a similar network). Known as the Government Connect Secure Extranet, participants have to satisfy the Code of Connection in order to join the network. This is a list of security requirements that need to be satisfied and has been a hot topic in local government IT. WARP members have found it useful to share their problems and experiences with their peers at the local WARP Forum meetings. It is now a recommendation within the code of connection itself for users to be WARP members.
Information sharing
The University of Wolverhampton have been involved in WARP since 2007, helping to deliver WARPs to local government in both the West and East Midlands. We have also piloted an NHS WARP, the experiences of which were are sharing with the Department of Health. We are also working on extending the concept to the Smaller Business sector and are in discussions regarding the prospects for a WARP to support the needs of the London Olympic Games in 2012.
The information that we send out is from numerous reliable and credible sources. As a WARP Operator, we research what is currently over 25 sources each day. We also receive alerts from GovCERTUK and each WARP can set up peer-to-peer links to facilitate information sharing from one WARP to another. We encourage reports from our members. This is because there will be occasions when a member may experience a problem before any information is publicly available. In these instances, WARP will be invaluable in being able to inform the relevant people very quickly. An example occurred recently where a WARP member was running one antivirus programme on their servers and a different programme on their end users computers. They experienced a virus infection that was not picked up by one of the antivirus programmes. Via the WARP network, we were able to very quickly inform over 50 councils in the Midlands about the issue.
WARP Operators Forum
The WARP Operators Forum is the National group for WARP. The regular participants in this are WARP Member Representatives, CPNI, GovCERTUK and representatives from other government departments. There may be other participants as required, e.g. from industry. Each year there is also the Annual WARP Forum that features expert presenters and workshops. This attracts a broader audience including international interest from countries that has previously included Japan, Canada, Estonia, Greece, Switzerland, Holland and Italy.
Tony Proctor is principal consultant/WARP manager for the University of Wolverhampton and a member of the Information Security Awareness Forum.
For more information
E-mail:
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
Information Security Awareness Forum: www.theISAF.org |
