Table of contents

The GDS Way and its content is intended for internal use by the GDS community.

Cyber Security team

The Cyber Security team provide service teams with self-service tools and systems making GDS more secure overall by:

  • reducing the number of cyber security incidents
  • speeding up incident detection making GDS more difficult to attack

The Cyber Security team has 5 principles:

Use threat intelligence to inform strategy

The Cyber Security team use threat intelligence to inform and prioritise security risks and apply the appropriate and proportionate level of security controls for GDS.

The team’s strategy uses:

  • threat intelligence to inform their priorities
  • security risks to inform their work
  • user needs to inform how they minimise security risks

Focus on delivery

The Cyber Security team works in 4 small Agile, multidisciplinary teams that work in a sustainable, effective and user-centered way. The teams are organised around:

  • tooling
  • operational intelligence
  • engagement
  • incident response

Tooling

Provide autonomous and self-service tools to detect security issues in near real-time and enforce actionable policies.

Operational Intelligence

Deliver intelligent, actionable and self-service security monitoring and threat intelligence to teams. This provides direct visibility of their services allowing them to maintain and improve security.

Engage

Developing a better organisational security awareness by improving cyber security behaviour and processes across GDS. For example, by providing guidance about:

Respond

Supplying incident response management to GDS.

Use multidisciplinary teams

Cyber Security teams are multidisciplinary containing specialists from many disciplines including:

  • Engineers
  • Developers
  • Architects
  • Threat intelligence analysts
  • Ethical hackers
  • Security analysts
  • User researchers
  • Product managers
  • Delivery managers

Build autonomous products and services

The Cyber Security team build autonomous products and services that help provide scalable solutions and increased efficiency. Automation frees up people for mission work using threat intelligence and machine learning to improve our solutions.

Actionable self-service security

The Cyber Security team provide service teams with tools, systems, process and support to service teams to make GDS more secure. By doing this the Cyber Security team makes sure security is neither too restrictive, burdensome and expensive, nor ineffective, inadequate or vulnerable for service teams.

Self-service makes sure people closest to GDS services have the tools to operate and resolve security incidents efficiently and effectively. These tools, systems and intelligence help service teams make informed decisions about their own security.

The Cyber Security team keeps an overall organisational view of how service teams use its tools, services and processes allowing GDS to operate securely.

Further reading

The National Cyber Security Centre (NCSC) also provides guidance and intelligence about cybersecurity.

Contact us

Contact the Cyber Security team using the #cyber-security-help Slack channel. Or provide feedback on this page using the Contact GOV.UK form.

This page was last reviewed on 18 October 2018. It needs to be reviewed again on 18 April 2019 by the page owner #gds-way .
This page was set to be reviewed before 18 April 2019 by the page owner #gds-way. This might mean the content is out of date.