Bringing you together

Keeping on top of the huge volume of system vulnerability information is very time-consuming. WARP offers members the opportunity to receive early-warning notifications. And, as importantly, the chance to come together to discuss challenges and share best practice in a confidential and trusted environment.

As IT becomes more cloud-based and a broader range of devices are used, it’s all the more important to make all your staff aware of how to be vigilant to cyber-threats.  The LGA has produced a guide for councillors to explain the basics.

In summary, a WARP provides:

• Safe space to talk and share with peers: support, advice
• Access to information & knowledge: expert speakers from government and industry
• Intelligence sharing: timely alerts on threats, incidents
• Collaboration: projects and policy development
• Representation – the collective voice

As of January 2021, SEGWARP has 40 member authorities and the wider the reach, the better the information-sharing. The LGA is advising all local authorities to join a WARP, because the benefits of information sharing and support are clear in an increasingly IT-dependent, interconnected world.

SEGWARP comprises of the following elements:

Warning

SEGWARP members receive the latest news from the National Cyber Security Centre, technical press, police teams and Information Commissioner’s Office to help them keep on top of the ever-changing developments in security.

Advice

SEGWARP meets virtually (since COVID) over 12 sessions a year. Attendees are able to discuss their experiences and concerns in a confidential environment where no information will leave the room unless authorised by the speaker. In addition, guest presenters attend to highlight products and services that may enhance cyber-security processes and to share knowledge from outside the public sector.

Supported by SEE, the forums are run by members of the SEGWARP, to meet the needs and interests of its membership. This includes inputting into their content and management, including presenter topics and technical skills sessions offered by peers.

Reporting

WARPs provide a confidential reporting point for information security-related incidents.

Networking

We know that issues and concerns don’t conveniently arise when you can discuss them face-to-face with peers. So we facilitate the asking of group questions or polls via a Slack workspace so that you can keep in touch with country-wide colleagues in a way that suits you.  The workspace is used by WARPs across the country including colleagues from the NHS, blue-light services, universities and housing associations, giving our members access to the most valued hive-mind possible.

Reading Borough Council considers the advisory notices received from SEGWARP an essential process within the Council’s overall Security Governance framework as it provides early alerting and a summary of important security alerts in an easily understood and prioritised form which the Council’s ICT Outsourced supplier also finds extremely useful in ensuring Security Compliance is maintained. We would encourage others to include SEGWARP as part of their own Security Governance processes.

West Berkshire Council has found this service invaluable – it is cost effective and brings all the alerts we need to be aware of into one place, as well as being assured of the source and relevance of the information. In these times of staff and budget cuts resulting in lack of time to keep up with important IT security changes/risks, the network meetings provide an excellent way of sharing knowledge and experiences as well as keeping up with current and future areas of concern. The ‘closed’ group is particularly useful for discussing concerns and identifying lessons learned from other LAs.

I have been attending the Segwarp for over a year now and have gained invaluable knowledge from attending these sessions.   I now have contacts at the NCSC and SEROCU that I can contact for advice and guidance.   I highly recommend joining the SEGWARP and renew my annual membership as a matter of course.

I was initially reluctant to joining the SEGWARP meetings, yet another round table group which would take up a day while I had ‘real’ work to do. But have found them to be very useful in gathering information from people in similar positions with near identical issues. I also have now network of contacts which I can draw on between meetings if problems arise. I would encourage anyone thinking of joining to seriously consider the benefits in can bring you and your organisation.

Since COVID SEGWARP has been meeting virtually.

All members of SEGWARP are invited to participate but the confidential nature of meetings means that minutes cannot be shared outside this group. However, the broad outline of discussions has been.

Some helpful resources from the Regional Organised Crime Unit, to kickstart cyber-security conversations in your organisation.

• Ten steps to cyber security, provided by the National Cyber Security Centre
• Weekly threat reports and alerts, provided by the National Cyber Security Centre
• Various infographics, provided by the National Cyber Security Centre, including:
  • Small business guide
  • Small charity guide
  • NCSC glossary
  • Password guidance
  • 10 steps to cyber security
  • Common cyber attacks
  • Bring your own device guidance
  • Managing information risk
• General advice on cyber security for business and the public
  • Cyber Aware
  • Cyber Essentials
  • Europol ransom-free keys
  • Get Safe Online
• Social media accounts
  • YouTube – CEOP
  • YouTube – South East ROCU Cyber Protect
  • Twitter – Get Safe Online
  • Twitter – South East ROCU Cyber Protect
  • Twitter – National Cyber Security Centre
  • Facebook – Cyber Aware
  • Facebook – Take Five Stop Fraud
  • Facebook – Cyber Protect UK