Bringing you together
What is SEGWARP?
South East Government Warning, Advisory and Reporting Point (SEGWARP) is one of a number of groups around the country designed to bring together information security officers from local government. The aim is to provide a one-stop shop for early warning, information sharing and best-practice advice around the latest cyber-security threats.
South East Employers runs SEGWARP in conjunction with the University of Wolverhampton. We also have the co-operation of the LGA, other WARPs around the country and specialist organisations such as the local Regional Organised Crime Unit (ROCU). Membership is open to all public sector organisations in our region. The WARP is operated on a not-for-profit basis and current charges are:
- £500 per annum for district and borough councils
- £750 for unitary councils
- £1,000 for county councils
There is a 15% premium for organisations that are not in membership of SEE.
For more information or to discuss joining SEGWARP, contact SEE
Why do you need a WARP?
Keeping on top of the huge volume of system vulnerability information is very time-consuming. WARP offers members the opportunity to receive targeted, tailored early-warning notifications. And, as importantly, the chance to come together to discuss challenges and share best practice in a confidential and trusted environment.
As IT becomes more cloud-based and a broader range of devices are used, it’s all the more important to make all your staff aware of how to be vigilant to cyber-threats. The LGA has produced a guide for councillors to explain the basics.
In summary, a WARP provides:
- Safe space to talk and share with peers: support, advice
- Access to information & knowledge: expert speakers from government and industry
- Intelligence sharing: timely alerts on threats, incidents
- Collaboration: projects and policy development
- Representation – the collective voice
What does SEGWARP provide?
As of April 2019, SEGWARP has 26 member authorities and the wider the reach, the better the information-sharing. The LGA is advising all local authorities to join a WARP, because the benefits of information sharing and support are clear in an increasingly IT-dependent, interconnected world. SEGWARP comprises three elements:
SEGWARP members receive targeted, tailored alerts of new cyber-security incidents and threats enabling them to take appropriate action within their organisation. A number of named users can sign up to these alerts so the whole team can be made aware as soon as a new threat is identified.
SEGWARP meets face-to-face, usually in London, three times a year. Attendees are able to discuss their experiences and concerns in a confidential environment where no information will leave the room unless authorised by the speaker. In addition, guest presenters attend to highlight products and services that may enhance cyber-security processes and to share knowledge from outside the public sector.
WARPs provide a confidential reporting point for information security-related incidents.
We know that issues and concerns don’t conveniently arise when you can discuss them face-to-face with peers. So we facilitate the asking of group questions or polls and a Yammer group so that you can keep in touch with region-wide colleagues in a way that suits you.
What members say about SEGWARP
Reading Borough Council considers the advisory notices received from SEGWARP an essential process within the Council’s overall Security Governance framework as it provides early alerting and a summary of important security alerts in an easily understood and prioritised form which the Council’s ICT Outsourced supplier also finds extremely useful in ensuring Security Compliance is maintained. We would encourage others to include SEGWARP as part of their own Security Governance processes.
West Berkshire Council has found this service invaluable – it is cost effective and brings all the alerts we need to be aware of into one place, as well as being assured of the source and relevance of the information. In these times of staff and budget cuts resulting in lack of time to keep up with important IT security changes/risks, the network meetings provide an excellent way of sharing knowledge and experiences as well as keeping up with current and future areas of concern. The ‘closed’ group is particularly useful for discussing concerns and identifying lessons learned from other LAs.
Being a member of WARP has enabled us to exchange ideas such as solutions and procedures, with others who have previous experience in those areas that you are currently exploring. The chance to discuss common issues with your own peers at other authorities has been invaluable. The alerting system has been really good, advising us of serious vulnerabilities and giving us the opportunity of assessing the impact and taking the appropriate action necessary. One excellent example of knowledge and problem sharing was when we all had to undergo the Code of Connection process. As this was a necessary common goal, the exchange of information here was invaluable as it was evident that different authorities had grasped different aspects of how to go about meeting CoCo compliance. I would say to any of my peers who are NOT members, ‘can you really afford not to be a member?’ In current times, it’s not a question of if as it’s more a question of when you’ll suffer a security incident and the more you know the better position you’ll be in when it comes to minimising the scale of the breach! Often, the handling of the breach can be more significant than the original breach itself!
I was initially reluctant to joining the SEGWARP meetings, yet another round table group which would take up a day while I had ‘real’ work to do. But have found them to be very useful in gathering information from people in similar positions with near identical issues. I also have now network of contacts which I can draw on between meetings if problems arise. I would encourage anyone thinking of joining to seriously consider the benefits in can bring you and your organisation.
SEGWARP network meetings
SEGWARP face-to-face meetings are usually held three times a year, in March, July and November. The venue may vary but is usually London Councils in Southwark within easy reach of the rail and tube network.
The next meeting will be held in London on 20 June 2019.
All members of SEGWARP are invited to participate but the confidential nature of meetings means that minutes cannot be shared outside this group. However, the broad outline of discussions was:
9 March 2017
- Role of the National Cyber Security Centre (NCSC)
- GDPR presentation
- PSN compliance
- Movement to and security within the cloud
4 July 2017
- Flexible working and the challenges it brings for IT
- PSN contractors, health checks and accreditation
- Presentation from software vendors, regarding ransomware
16 November 2017
- Outline of a cyber resilience exercise
- Working relationships with the LGA and other WARPs
- Secure email
- Single sign-in presentation from software vendors
15 March 2018
- The work of the South East Regional Organised Crime Unit Cyber Crime team
- Presentation on upcoming cyber threats, from software vendors
- Updates from the NCSC
- Details of a Resilience Forum exercise
- Different security standards and importance of adherence to them
- The training requirements for GDPR compliance
10 July 2018
- Presentation by Pen Test Partners on their work as penetration testing consultants
- Update from the NCSC
- The impact of the introduction of GDPR
- The future of PSN networks
- The latest ICO incident trends report
22 November 2018
- Presentation from Egress on their security solutions
- Update from the LGA following the cyber-security stocktake
- Round-table discussions about the future of PSN
28 March 2019
- Update from the NCSC
- The future of PSN and its possible replacements
- Moving to the cloud
- How best to raise staff awareness of cyber-security issues
- Most effective accreditation to demonstrate a commitment to cyber-security
Latest LGA news
We are kept up to date on the LGA’s work on cyber security via a country-wide network of contacts. Here is the latest update issued to heads of IT and SEGWARP contacts from SEE.
4 April 2019
The National Cyber Security Centre has produced information security guidance for organisations holding elections.
30 January 2019
You will all be aware of the fast approaching deadline (end-March 2019) for the termination of the existing Vodafone GCSX secure email service.
Produced by Socitm in association with Chris Smith and his team at the City of Bradford Council and the Yorkshire & Humber WARP, this practical guidance provides a high-level view of the milestones and planned timescales for migration away from GCSX, and the technical steps required to migrate users to alternative, secure email services. The guidance has also benefited from input provided by the Local Government Association, Cabinet Office, MHCLG, Crown Commercial Service and the National Cyber Security Centre, through their involvement in the Local Government PSN Programme Board. You can download the document from: https://www.socitm.net/publications/
18 July 2018
As part of the National Cyber Security Strategy, the LGA has been awarded funding by the Cabinet Office to ensure that councils are as resilient against cyber-attacks as possible.
The first phase of this work has now begun. Working with the not-for-profit research organisation RAND Europe, the LGA has now sent a confidential online questionnaire to all councils in England to complete concerning their cyber security arrangements.
This aims to:
- capture the current state of play in terms of cyber security across councils
- identify good practice – and those councils delivering it
- identify risks – and those councils at risk
Findings from this work will inform where and how the LGA targets support including funding to individual councils. From the Autumn, councils will be able to bid for grant funding to undertake an agreed activity or piece of work which will improve their cyber security, based on the findings from the stocktake. Details on how to bid for this will follow later on this year.
Please make sure your council takes part. If your council nominated a lead contact, the questionnaire will now have been sent to them, if not, it will land in the inbox of the council’s Chief Executive. Councils have until 31st August to complete this.
Some helpful resources from the Regional Organised Crime Unit, to kickstart cyber-security conversations in your organisation.
- Ten steps to cyber security, provided by the National Cyber Security Centre
- Weekly threat reports and alerts, provided by the National Cyber Security Centre
- Various infographics, provided by the National Cyber Security Centre, including:
- Small business guide
- Small charity guide
- NCSC glossary
- Password guidance
- 10 steps to cyber security
- Common cyber attacks
- Bring your own device guidance
- Managing information risk
- The Little Book of Big Scams – Metropolitan Police Service
- The Little Book of Cyber Scams – Metropolitan Police Service
- The Little Book of Big Scams (Business Edition) – Metropolitan Police Service
- General advice on cyber security for business and the public
- Social media accounts