Information Security for London (ISfL) is a forum for the Information Security officers of the London boroughs and associated public sector organisations. Facilitated by Capital Ambition, it allows the boroughs to get together on a regular basis to share good practice, exchange views and address security issues that could potentially be affecting everyone.
There has been an increase in uptake of membership – all bar five of the London boroughs are regular attendees at the ISfL Members’ Foums along with the London Fire Brigade.
The group benefits from peer review which saves members significant time by reducing the number of iterations they need to take to management in their own boroughs. The group also shares and receives best practice with other WARPs outside of London. The current ISfL Group manger (Matt Smith) was chair of the National WARP Operators Forum during 2009/10
Capital Ambition also runs a Warning, Advice & Reporting Point (WARP) as part of the ISfL offering. WARPs are part of the Centre for the Protection of National Infrastructure's (CPNI) information sharing strategy to help combat the increasing risk of electronic attack on our information systems. WARPs have been shown to be effective in improving information security by stimulating better communication of alerts and warnings, improving awareness and education, and encouraging incident reporting. Membership of a WARP can also reduce the costs of good Security.
The London WARP was launched in April 2003 and was the first WARP to be set up in order to prove the WARP concept. It is now very well established and serves the 33 London boroughs. The LWARP service is part of the overall ISfL work programme.
We aim to continue to maintain provision of the three core Warning, Advice & Reporting Point (WARP) services:
- Filtered Warnings Service – ISfL members subscribe to an online web application where they are able to set up preferences using a categorized ‘tree’. Notifications and alerts on viruses, malware and software vulnerabilities are generated by the ISfL Group Manager based on intelligence from a number of different sources. This filtering is carried out automatically by the web application, access the service at: http://22.214.171.124/FWA5
- Trusted Sharing Service – this is all about Incident Reporting and has become increasingly important over the last two years as local authorities have gone through the process of connecting to the Government Connect Secure Extranet (GCSx). Members are encouraged to share security incidents with each other, anonymised if required, so that everyone can benefit from lessons learned. LAs must report incidents to CESG (the UK National Technical Authority) and WARPs are the primary interface between the two.
ISfL have also made valuable contributions to a wide range of other projects and initiatives such as:
- Consulting with the Cabinet Office and helping develop not only the National Information Assurance Strategy (NIAS) but also the Business Impact Level (BIL) table upon which the whole of government rely on.
- Influencing some of the changes between versions 4.1 and 3.2 of the Government Connect Code of Connection (CoCo) in order to simplify the guidance to lower the cost of implementation. See: http://www.govconnect.gov.uk
- Held numerous training and information update workshops including: IT and the Law, Computer Forensics, Encryption and Remote Access
- Shared information and a number of procurements around ITHC – an area in which the shared expertise means that later procurements were to a far more appropriate scope, such as simply aligning it to ensure that PCI, ITHC & ISO27001 were all covered by the same testing programme.
- Our work has lead to significant discussion leading to several shared pieces of documentation on USB/media controls
- Has been involved in national Forensic Readiness work and the development of CESG’s Good Practice Guide (GPG) 18
- Leading an ongoing programme of collaborative projects including: Information and Asset Classification; Incident Response; IT Health Checks (ITHC) – an integral part of the Government Connect Code of Connection (CoCo).