It is an unfortunate fact of modern life that most public and private sector organisations are under ever increasing attack from malicious hackers, terrorists, organised crime and others.

hands on an illuminated keyboard

These attacks are often via malware (e.g. spyware, keyloggers, viruses) but in more extreme cases could be physical (e.g. a car bomb), or via personnel (e.g. commercial espionage by an insider).

WARPs (short for Warning, Advice, and Reporting Points) have been developed to provide a cost effective method to support defence against attacks. Their purpose is to provide a specific community with the capability to share security related information - both problems and solutions - and thereby to develop more secure and responsive environments.

  • The WARP operator uses a website, email, telephone, SMS, and occasional meetings (where possible) to send a personalised service of warnings and advice to the members. This will be mainly IT security advice (because there’s so much of it, and it changes so rapidly), but can include other material (other threats, e-crime, contingency planning etc) as well
  • The operator also taps into the knowledge of the members themselves to help out other members using a bulletin board, meetings etc
  • There will usually be between 20 and 100 members in each WARP, otherwise it can lose that personal touch, and they will belong to a community (small businesses, local government, service providers, interest groups, etc.)
  • A WARP operator does not have to be a technical expert in IT security as their main role is to facilitate the exchange of security related information within the WARP community. This would require good communication and management skills.
  • A successful WARP will build up enough trust to encourage members to share details about their own incidents and problems, anonymously if need be, for the benefit of the rest
  • WARPs are run on a ‘not-for-profit’ basis

The WARP programme is part of the Information Sharing Strategy of the Centre for the Protection of National Infrastructure (CPNI).

Next step: have a look at the benefits associated with joining a WARP