Key organisations
There are a number of key government organisations involved in all aspects of protecting the UK’s information systems, from combating hi-tech crime to promoting information security to business.
CESG [External website]
CESG is the national technical authority for information assurance. It provides security guidance for government departments, agencies, local government and the wider public sector to help them achieve their business aims securely.
Central Sponsor for Information Assurance (CSIA) – Cabinet Office
Government has recognised that there is a need for a strategic and co-ordinated approach to protecting the nation's information systems. The CSIA in the Cabinet Office plays a role in pulling together all the various projects going on across government and looking at any gaps or overlaps that might need to be addressed. It works with partners across government and the private sector, as well as its international counterparts, to help maintain a reliable, secure and resilient national information infrastructure.
Home Office [External website]
The Home Office fulfils a number of functions in relation to information security. It is responsible for ensuring that the UK’s Critical National Infrastructure (CNI) is protected as well as policing for hi–tech crime (e.g. crimes that are committed either against computers or with the support of computers or computer networks). It also deals with a wide range of crime reduction, police and anti-social behaviour initiatives which have an information security impact.
Ministry of Justice [External website]
The Ministry is responsible for data protection and data sharing, both domestically and representing the UK's interests internationally. The Data Protection Act 1998 governs how organisations may use the personal information that they hold - including how they acquire, store, share or dispose of it. The Ministry of Justice develops policy of public organisations sharing information and maintaining and strengthening safeguards and privacy. Data sharing is central to the Government's ability to fulfil its commitment to improve public services and provide greater protection and support - both for individuals and society as a whole.
The Information Commissioner's Office (ICO) [External website]
The Information Commissioner's Office is the UK's independent authority set up to promote access to official information and to protect personal information. All public and private organisations are legally obliged to protect any personal information they hold. Public authorities are also obliged to provide public access to official information. The ICO assists organisations in understanding these obligations and keeps them updated when any changes occur.
Centre for the Protection of National Infrastructure (CPNI) [External website]
CPNI is an interdepartmental organisation set up by the Home Office in 1999 in order to minimise the risk of electronic attack against the UK’s CNI. It works in partnership with the owners of the systems that support critical services in both the public and private sectors and offers a wide range of information and advice on best practice in protecting organisations' information systems. CPNI advises on how best to protect information systems and, through investigation and work with UK and international partners, it assesses the threat of attack. It issues alerts and warnings, manages the responsible disclosure of new vulnerabilities, undertakes R&D work with partners, and promotes information sharing.
The Serious and Organised Crime Agency (SOCA) [External website]
The National Hi-Tech Crime Unit (NHTCU) became part of SOCA when the organisation was launched in 2004. SOCA takes e-crime seriously and the NHTCU has evolved into a dedicated unit within SOCA to tackle the problem. The Unit has more people, more resources and a bigger budget than its predecessor. It brings together experts from different organisations under one roof and gives this important issue more focus with less potential for overlaps. SOCA recognises that hi-tech techniques are used across the whole range of organised criminality, not just by specialised ‘hi-tech criminals’. That is why SOCA's e-Crime Unit is integrated into SOCA, providing the specialist knowledge and techniques needed to fight today’s organised criminal enterprises.
Department for Business, Enterprise and Regulatory Reform (BERR) [External website]
BERR aims to increase the productivity of UK businesses and encourage confidence in the use of new information and communications technologies. It has responsibility for all businesses, including small-medium enterprises (SMEs), and includes customers in the CNI. BERR works with business to raise awareness of the importance of effective information security management and to encourage the adoption of security standards such as ISO/IEC 27001.
