Cumbria Constabulary has become the first police force to use the National Management Centre (NMC) for cyber security set up under the National Police Chiefs’ Council (NPCC).
It went into operation this week with an initial monitoring service that scrutinises the force’s cloud based IT estate, and the programme team is now working on a phased implementation programme to bring in other forces across England and Wales.
The NMC has been set up under the National Enabling Programmes (NEP), which are aimed at harnessing digital technology to transform policing and funded within the £100 million contract awarded by the NPCC to BT and Deloitte in November of last year to support the programmes.
It is managed by a NEP team and provided by BT as a police-specific facility in its existing security operations centre, with dedicated teams of cyber professionals. Deloitte is acting as the client delivery partner and leading on the implementation.
The NMC uses a range of security tools, technologies and a team of analysts to monitor the IT environment for unknown and evasive cyber security threats.
Elimination
A spokesperson said: “Together they will help ensure these threats can be locked down and eliminated before they cause damage and disruption. The facility operates 24 hours a day, seven days a week, 365 days a year, and the intention is for it to be rolled out to all police forces across England and Wales.”
It will be implemented in two phases. The first, now used by Cumbria Constabulary, provides the monitoring service and can generate alerts on a near real time basis if there are any indications of potential security attacks or suspicious behaviour, providing nominated contracts with the force’s security operations team with information to mitigate threats.
Under the second phase, over the coming weeks operations will be expanded from covering the force’s cloud infrastructure to its on-premise systems.
The spokesperson said that the NMC’s services will be expanded over the next few months to provide a comprehensive, pro-active security capability.
Its implementation is the first step in the NEPs, which have been developed to respond to some of the priorities set out in the Policing Vision 2025 strategy. These include using technology to improve productivity and harnessing identity and access management to give the appropriate people access to online resources without compromising security.