The Cyber Technical Advisory Group (C-TAG) has UK wide Government and WARP representation.
The C-TAG reports into the Socitm Local CIO Council (LCIOC), supporting the LCIOC standing theme relating to Cyber Resilience, Information Assurance and Security. We also cover wider sectoral issues relating to Information Governance and ethics.
C-TAG works closely with the NCSC, LGA, Cabinet Office, MHCLG and through the UK wide representation C-TAG is also able to engage with the Devolved Administrations who are full C-TAG members
The current C-TAG programme is funded through a grant from the LGA, through the Cabinet Office National Cyber Security Programme (NCSP). We remain very grateful for the funding to maintain the work
4th Aug 2021, 10am to 11am- MTA-STS: Now considered by NCSC/Mailsheck to be part of what is needed for better Email Security (and to build upon the progress made with DMARC)
This presentation has a heritage, in so much as it predates the active interesting MTA-STS by NCSC and Mailcheck by over a year and covers in a “cookbook” format how to set up MTA-STS and what can go wrong.
MTA-STS is a standard already in use by many major email systems including the NCSC as well about a dozen or so councils up and down the country.
Eventbrite Link: https://www.eventbrite.co.uk/e/164813959991
11 Aug 2021, 10am to 11:30am- zED: baselining your peers and suppliers email
zED, a point product/tool, directly addresses a question that came from the WARPs about how public sector organisations can assess information about the email hygiene of their peers and suppliers.
zED checks TLS and DNS records to ascertain this in a weekly scan based upon the domains you ask it to scan and is complementary to NCSC’s Mail Check tool. This presentation covers the background as well as the new 2021 features.
Eventbrite Link: https://www.eventbrite.co.uk/e/164814946943
18th Aug, 10am till 11:30am- C-TAG Research - What else do we need?
This presentation was for C-TAG members / WARP leads only, but has been extended to all, and is workshop based with an intro scene setting presentation. Does the UK Public sector need to help with cyber security?
Background: From a C-TAG survey earlier this year, this review of what people wanted C-TAG to deliver developed. Is it a national or regional centre or with a focus on monitoring and sharing of threats, allowing with a response, and possibly of professional managed service, are there alternatives, or other cost effective means of better cyber security.
Now: There is a growing interest in central SOCs (Security Operation Centres), there is research work by LoTI (London office of Technical and Innovation), MHCLG and PSN, this work feeds in to these bits of work, but also strongly seeks the views of WARP members up and down the country on this top and other related ideas.
Eventbrite Link: https://www.eventbrite.co.uk/e/164815299999
25 Aug, 10am till 11:30am- COVID one year on, just how safe is this home working thing?
A question many chief executives and other senior leaders are asking of their governance and security leads, in this presentation, Bruce looks at some of the main attack vectors that may still be open and should be reviewed, as well sharing an assessment on the likelihood of these types of attacks.
This presentation is intended to be shared, and when someone asks you this question you can onwards share this presentation as well as your risk reviews and mitigations!
Eventbrite Link: https://www.eventbrite.co.uk/e/164815410329
The NLAWARP serves to encourage the development of multiple, regional Local Authority WARPs and to provide a centralised online services, to reduce the burden on individual WARPs.