In this exclusive interview, Security Journal UK talks cybersecurity with the North East Business Resilience Centre (NEBRC), winners of the Outstanding Cyber Initiative award at the UK Outstanding Security Performance Awards (OSPAs) 2021.
Could you tell us about the services the NEBRC provides?
The NEBRC provides a forum in which law enforcement, academia and private sector partners can exchange information, knowledge, skills and solutions to improve cybersecurity for businesses and victims across the region, thus preventing cybercrime from occurring.*
The Centre has been established as a private, not for profit company, with a Police Superintendent Director, Chair and Board. The NEBRC has a commercial arm staffed by students offering cybersecurity consultancy, heavily supervised by a Chief Ethical Hacker and Detective Inspector.
The centre provides the following, but not exhaustive, concepts:
- Support to businesses who are victims of crime by providing protect and prepare advice consistent with NCSC campaigns and IASME approved cyber-essentials standards.
- Cybersecurity advice to individuals on a pro bono basis using NCSC and local marketing via Free Core membership
- Cybersecurity advice to businesses (small, medium and micro) on an affordable basis by offering membership of the centre in return for business alerts, CPD events and the offer of student services. These include ethical hacking, penetration testing and general security advice and are provided by vetted students from our partner universities of Sheffield Hallam and Northumbria, studying for related degrees.
- Encourage membership of the Cyber Security Information Sharing Partnership (CiSP) through each members’ supply chain.
- Help businesses and public/local authorities recover from cyber-attacks and prepare for such an eventuality using contingency planning and table top exercises
- Establish strong links with academia and cyber-centres of excellence (e.g. CENTRIC at Sheffield Hallam University) to support law enforcement, commercial ventures, innovation and employment opportunities as well as assisting with developing educational programmes, internships, apprenticeship programmes and ongoing CPD.
- Link to the National cyber-volunteers and specials Programme to create a volunteer/specials pool of pursue, protect, prevent and prepare specialists accessible to forces and ROCUs in the region.
- Establish strong networked links with similar centres, to achieve economies of scale and efficiency.
- A move into fraud, retail and tourism for 2021/22.
How does it feel for the NEBRC to be recognised for the Outstanding Cyber Security Initiative award at the UK OSPAs 2021?
It’s an incredible achievement for what has been our first full year in business. It’s a unique offering and we weren’t sure how it would be received, but the take up from business has been great – the centre now has over 500 members and we have delivered student services, successfully providing affordable cyber-consultancy for SME’s and ensuring that students are getting supervised work experience ready to feed the staff shortage in the tech sector.
Our team were completely shocked but thrilled in equal measures when we won as it was the first award we had entered! We are a very close and small team so we all felt this very personally as we are passionate about the NEBRC’s success.
What can you tell us about the Cyber Security Initiative the NEBRC was recognised for?
It was the contract we won for delivery of cyber-awareness to the Leeds City Region Local Enterprise Partnership, for micro businesses of fewer than ten employees. They chose us because not only could we deliver the training and awareness, but we offered free memberships to every business that approached us; this means they will go on receiving the most up to date advice and support even after the contract finishes.
We would like to replicate this in other parts of the region so the whole region can take advantage of our free and reasonably priced paid membership packages. We have learnt a lot about how SME’s feel about cybersecurity and have tailored our approach accordingly.
How has the surge in cyber-criminal activity over the past 12 months affected the way the NEBRC operates?
As we have only been operating since November 2019, I think we have only ever known ‘lockdown’ business; however, the launch came at the right time as the most viewed blogs we have are on home working, fraud prevention and remote education. The threats of attack are the same as ever and the COVID-19 pandemic gave them a chance to adapt and flourish – this means these new types of criminal behaviour are here to stay (as I suspect home working is for many).
What advice would you give to those concerned about their cybersecurity?
I’d say join the NEBRC! That way you can stay abreast of the latest threats, get easy to understand advice, interpret jargon and help with setting up your security, from trusted police officers to companies that we have approved. All the steps are relatively simple to do and prevent 80-90% of attacks.
There are a few steps to take immediately that will give you a high level of protection for no cost, such as ensuring your passwords are not all the same across all systems and that they consist of 3 random words. Other steps include: backing up your data regularly; ensuring you do updates on your software; protecting your internet and IP connection whilst avoiding phishing emails.
If you ever suffer a live attack I’d recommend ringing your local police force via 101 or call Action Fraud who will assess the call and pass you on to the appropriate authority to investigate.
To find out more information, visit: https://www.nebrcentre.co.uk/
*Note most businesses in our Region have 9 or less employees and as such the cyber security advice given to the business also offers advice to individuals, their families and thus prevent future victims of crime.