WARP logo  

 
Home
FAQ
Glossary
Contact us
WARP Register
FWA Software
WARP Toolbox
 WARPs for Schools
Background
Introduction
WARPs explained
 
WARPs in action
WARP benefits
Future of WARPs
Register of WARPs
 
Next steps
Joining a WARP
Building a WARP
WARP Toolbox
FWA Software
 
WARP News
Latest news
Newsletter
Annual Forum
Articles
Site updates
Archive
 
 

WARP benefits

The WARP model recognises that there are different benefits for different roles depending on whether you are running a WARP or using its services. The following roles have been defined so you can identify which benefits relate to you:

1.     WARP provider - The organisation responsible for establishing and running the day-to-day WARP services, and for its governance.

2.     WARP member - The organisation or individual authorised to access the WARP services. Often, several individuals from one organisation can be members.

In addition, examples of situations where WARPs made a significant difference are available;

3.     Real life examples - lists examples of benefits from real WARP providers and members


1. WARP provider benefits

As a WARP provider, you can benefit from:

  • Work efficiency: As a WARP provider, you will promote the sharing of information and the coordination of common tasks, which in turn, will reduce duplication of work.  This will benefit a corporate or government provider through increased efficiency.
  • Avoidance of reputation damage: As organisations move to a more online approach to interact with the public, web presence becomes a key factor. If a website is unavailable or has been defaced, this can cause reputation issues and could discourage the uptake of web services. Your community will be better protected by being WARP members.
  • Early warning: Finding out about problems/solutions others are experiencing and sharing these within the WARP community will enable you to offer a unique and personalised service, which even a large commercial provider could not match.
  • Support from CPNI and other WARPs: The advantage of belonging to such a focused community means that you are able to share and distribute helpful advice from a trusted source. Operational support from other WARPs is well established through the WARP Operators Forum.  There is also peer-to-peer cooperation through the Filtered Warnings Application which enables you to distribute other WARPs’ warnings and advisories easily.
  • Low cost: The model is designed to be very low cost, through minimal staffing levels (or virtual teams) but if you already have an existing infrastructure then your costs will be even lower.
  • Comprehensive free Toolbox: As a WARP provider, you can take advantage of this Toolbox, which has been created from the experience of other WARPs. It includes background information, how to get started, how to build and run a WARP, and an extensive list of downloads, from press articles to marketing materials.
  • Sustainability: WARPs are now becoming widely established, with many respected organisations successfully adopting the approach with proven sustainability.
  • Increased credibility: The ‘Not-for-Profit’ ethos, and the association with the Centre for the Protection of the National Infrastructure (CPNI), will help gain the community’s trust and can aid an organisation’s credibility, especially in the context of ‘Public Good’ activities.
  • Compliance: WARP membership will help the member organisation to meet some of the criteria for ISO27001 accreditation.
  • Growth potential: Many existing WARP providers are in the process of establishing further WARPs, building on the existing infrastructure and expertise which both supports lower costs and better sustainability. WARPs are now appearing across many sectors, and are beginning to spread internationally.
  • Corporate Social Responsibility: Being a WARP member enhances the member organisation’s corporate social responsibility thereby gaining your community’s trust and potentially supporting both your own and the members’ other business strategies.

 

Back to top

 


2. WARP member benefits

WARP members will benefit from:

  • Peer support: WARP members can share collective view of issues and solutions from peers within the community, which could include benchmarking to support better decision making.
  • Early warning: Finding out about problems and solutions that others are experiencing, and sharing these within the WARP community will offer a unique service. Some information will only be available from the WARP community (privileged access to information).

  • Improved preparedness: Access to a trusted forum to share problems and solutions, as well as raising your awareness of local threats and electronic attack issues.

  • Compliance with ISO27001: belonging to a WARP satisfies several accreditation requirements.

  • Not being alone: WARP members always have peers to turn to, facilitated by the operator, for example to find out if anyone has applied the latest patches and if they had problems.

  • Increased security: By having access to faster more relevant information you benefit from:

    • Early warnings;

    • Unique information - from WARP members, other WARPs & CPNI sources;

    • Benchmarking data for better decision making;

    • Louder voice with IT vendors to get things fixed.

Back to top

 


3. Real life examples

Example 1: How a Local Authority benefited from WARP:

Local Authority members of a particular WARP use the same software application for assessing and managing housing benefit. One member downloaded an MS security patch to cover a notified vulnerability and installed it. The patch was effective but adversely affected the software making it unusable. Local Authority personnel were unable to access housing benefit data and unable to do their jobs, resulting in loss of service to the citizen causing disruption and delays in payment. When the patch was removed the software operated normally again.

WARP members were immediately informed of the problem, thereby giving them an early warning, and again once the solution was identified.

 

The WARP provided an efficient, timely and structured way of notifying the right people in other Authorities and saved many days of wasted personnel time and loss of service to the citizen.

 

Example 2: How WARPs helped just in time:

Product 'X' is a dynamic portal engine and website content management system. The software is written in PHP. A WARP operator identified a website defacement on one of its member’s websites through the monitoring site “Zone H”. The attack effectively took advantage of a flaw in product 'X' content management system allowing the hacker to alter the configuration file and then remotely open existing files replacing them with text of their choice.

The WARP operator contacted the relevant member about the defacement on a Friday and the member worked with the developers of product 'X' over the weekend until a fix was available first thing Monday. Members were notified of the fix via the WARP’s Filtered Warning Application Software (FWA).

 

The WARP enabled the timely distribution of the fix for this particular vulnerability to be disseminated to other WARP members thereby removing the likelihood of defacement to other member websites and associated embarrassment and disruption of service.

 

The Future of WARPs explains the context and vision of the WARP programme.

Back to top

© Crown copyright 2004
Published : 09-Mar-2007
Terms and conditions