BRIM is proud to announce, following an extensive EU tender procurement process, it has been appointed to establish ten Cyber Resilience Centres (CRCs) in partnership with Police UK in the next 15 months to help businesses prevent cyber-attacks as well as support those organisations that are affected by data breaches.
BRIM will use its successful modular based set up programme and project management support to establish the Centres, based on the similar model which is recognised for its success in Scotland.
In recent months the approach was used to establish Centres in Greater Manchester and the North East of England and Yorkshire, Police UK were keen to enable wider adoption fast, as the pace of criminal activity and threat to business and third sector organisations continues to rise.
In Scotland, the Scottish Business Resilience Centre works hand in hand with the single police service (Police Scotland) to deliver prevention advice to business. The Centre exists to create an environment where business can trade securely, regardless of size and sector and works closely with its partners, members and stakeholders to help make Scotland a more resilient and safer place to live and work. It offers a wide range of services and advice covering all aspects of business resilience.
Based on the SBRC model, a Cyber Resilience Centre (CRC) is a law enforcement supported organisation that creates a set of free and affordable resources to address the increasing curve in cyber-crime by opening a dialogue between the public and private sector to prevent and address the threat from cyber-criminals. Some agree wider remits and are recognised as Business Resilience Centres. (BRC)
Notably the demand for consistent brand recognition and structure to enable multi location businesses, and UK wide crime trends to be navigated efficiently, has seen a sharp rise in demand for services from BRIM.
For businesses, a CRC provides a dedicated point of contact on cyber-crime and access to services that can support them in becoming cyber-resilient. It translates intelligence gathered from Government specialist teams including GCHQ and NCSC.
The CRC, therefore, becomes a resource hub that further increases business confidence in the ability of the police to deal with cyber-crime, thus encouraging increased reporting and collaboration.
For the Police, having a CRC provides a central point to focus the tools, information and expertise to help prevent cyber-crime and deal with cyber-criminals. In an increasingly sophisticated digital environment, the CRC models also facilitates police access to high-level, cutting-edge cyber-skills in an affordable way, through the association with Ethical Hacking students at leading universities.
Currently the main customer is Derbyshire Constabulary where Chief Constable Peter Goodman is responsible for the NPCC Cyber portfolio for the UK.
The model will deliver three different elements which include;
The set up and governance of a board as an independent organisation combining police, academia and business
Provisioning of commercial services through working directly with regional universities and live students
Working directly with the policing cyber model to support business to be a part of these models
IASME, which delivers the preferred Cyber Essentials model across the UK, will also play an active role in the delivery of this contract. IASME is also the National Cyber Security Centre’s sole Cyber Essentials Scheme Partner from April 2020 onwards.
BRIM CEO Mandy Haeburn-Little said the tendering process was "lengthy and at times exhaustive".
"We are absolutely delighted that we will be able to develop further the model which has been successful in other parts of the UK and look forward to continuing to work very closely with partners in all areas of policing including the Protect Network, the cyber-security industry, the SBRC and IASME," she said. "We are delighted that our model was recognised above other submissions and really looking forward to getting started."
As reported by SC Media UK, Goodman said at the CSC19 conference in Monaco that it is important to "get an understanding of the concerns of CISOs in private industry and their perspectives, the commercial imperatives they face, including when it comes to reporting cyber-crime".