Police CyberAlarm monitors the logs of traffic seen by a member’s connection to the internet. It will detect and provide regular reports of suspected malicious activity, enabling organisations to minimise their vulnerabilities. The data collected by the system does not contain the body of the traffic. The system is designed to protect personal data, trade secrets and intellectual property.
Members of Police CyberAlarm will become part of the wider UK cyber defence network, sharing collected data with police for analysis at local, regional and national levels to identify trends, react to emerging threats and identify, pursue and prosecute cyber criminals.
Vulnerability Scanning can be added and used to scan an organisation’s website and external IP addresses, providing regular reports of all known vulnerabilities.
Data received by the Police CyberAlarm Server is then used to create regular reports on potential malicious activity seen by individual members as well as reports containing threat trends seen across the member network. Members can then use this reported intelligence to update their defences to better protect themselves from cyber threats.
Finally, this data is also used by the police cyber crime units to enhance the UK cyber crime threat picture, enabling them to identify, pursue and prosecute cyber criminals.
The security of Police CyberAlarm members has always been at the heart of the Police CyberAlarm project, as you would expect with any project backed and funded by policing.
The Police CyberAlarm system is safe for organisations to install and operate. It has been robustly tested internally by qualified security specialists, as well as undergoing review by two independent external companies, Prism Infosec and Arcanum Information Security, who are both highly qualified and well regarded within the Infosec community.
In addition to our ongoing monitoring, following the conclusion of testing and source code reviews performed by Prism Infosec and Arcanum, the NPCC Cybercrime Programme continues to be confident that the Police CyberAlarm system is safe and secure for organisations to install and use. This is backed up by the rigorous testing which has been carried out.
The NPCC is committed to security and will continue to ensure the security of the system by working with qualified independent cyber security companies as well as maintaining its own robust internal testing process. If any of the information security community would like to highlight any areas of improvement with the system we would welcome all comments via our responsible disclosure page on our website.
Police CyberAlarm has been developed by Pervade Software, an award-winning independent software vendor. Pervade Software is used by a wide range of private and public sector clients operating in more than 80 countries, along with partners ranging from independent consultants to global managed security service providers. They are an extremely experienced, well respected organisation who stake their reputation on the security of Police CyberAlarm.
“Prism Infosec were engaged on this project as an independent cyber security partner and our experienced testers have reviewed the security of the Police CyberAlarm solution. Our tests to date have found that the Police CyberAlarm service is resilient to common and more sophisticated attacks, and it is clear that the Police and Pervade Software are taking the cyber security of this service seriously. Following our tests, we have observed security updates being applied quickly and effectively to the Police CyberAlarm service, in line with best practice.
If your organisation does not currently use any security monitoring and alerting services, or you are contemplating extra protection, then we would encourage you to consider Police CyberAlarm to help protect your environment from the threat of ongoing cyber-attacks."
"Having tested the Police Cyber Alarm system, we are satisfied that it is safe to install and use, and we believe it will be a valuable addition to small companies Cyber Security measures.
Our consultants performed a thorough assessment of the CyberAlarm data collector to identify any security vulnerabilities within the appliance which might affect NPCC or its members. The assessment was conducted by 2 Senior Penetration Testers each with Crest Registered Penetration Tester certifications and extensive experience testing large and complex systems."
Bytes Software Services Limited have issued a statement, please click here to read it in full at 18.104.22.168-statement
Join Police CyberAlarm today and start receiving regular security updates and reports to help you and others gain a better understanding of current threats.