INTERNAL RESOURCES

This page is for SEROCU, Surrey, Sussex, Hampshire and Thames Valley Police Force’s Cyber Protect, Prevent, Prepare and Pursue staff to access shared resources and up to date guidance.

PROTECT

Memberships Groups

Action Fraud / NFIB / Victim Call Backs

  • When you make contact with a cyber crime victim and problem solve their original complaint, you need to cover additional topics which are part of the national campaign for making individuals and organisations safer.
  • Speak with the SPOC on the Action Fraud crime report, but if there is no contact, ask for the Chief Information Security Officer (CISO), Chief Technical Officer (CTO) or member of the Senior Leadership Team (SLT). You need to speak with a decision maker, as part of your role is to influence a cyber change in that organisation.

Current target is to influence a behavioural change in 75% of the people you speak with

  • Before the call, familiarise yourself the topics below which can also be found on https://www.ncsc.gov.uk/cyberaware/home, ensuring the individual has an understanding of it:
    • Using strong, separate passwords for email accounts
    • Installing the latest software and app updates
    • Where available, use two-factor authentication on your accounts
    • Always backing up your most important data
    • Never automatically click on links or attachments
    • Always question unsolicited approaches for personal and financial information
    • Avoid using public Wi-Fi when transferring sensitive information, such a payment details

Cyber Crime Reporting www.actionfraud.police.uk

  • Reporting Cyber crime can be completed online and the public need to be made aware of the new Action Fraud portal
  • Sign post people to www.serocu.police.uk/cyber-reporting where they can see a video showing them how they create an account or report cyber intelligence

Cyber Essentials Scheme www.cyberessentials.ncsc.gov.uk

  • Encourage the organisation to apply for the Cyber Essentials Scheme if they are not already certified.
  • Advise the organisation they should implement this into their Service Level Agreements (SLAs) up and down their supply chain
  • Cyber needs to be on their risk register to enable business continuity

CISP www.ncsc.gov.uk/section/keep-up-to-date/cisp

Future training and crime prevention assistance

  • If you feel the company may benefit from a Cyber Protect presentation, sign post them to www.serocu.police.uk/cyber-protect/ where they can choose suitable free training
  • Encourage the HR or IT teams for their workforce to visit www.serocu.police.uk/individuals where they can work through some helpful cyber safety messaging. This resource is on an external webpage and staff will be able to access all content anywhere

Volunteers

  • We are starting to gather a pool of Cyber volunteers to assist in technical advice and solutions. Access to them can be obtained through your supervisor via CISP.
  • If you speak with someone who is a specialist in their field, we are always looking for volunteers. Speak with the protect supervisor about the latest process where we can sign up experts as cyber specials or cyber volunteers that can assist us on demand
  • If the person you are speaking to sounds like a good character that may want to be a role model for some of our cyber prevent / choices subjects, inform the cyber choices team.

After the Action Fraud / NFIB / Victim Call Back

  • A victim (individuals) survey will need to be sent to any victim of cybercrime for completion after having given them suitable advice:
SEROCUHampshireSussex & SurreyThames Valley
Victim (individual) Contact Survey (smartsurvey.co.uk)Victim (individual) Contact Survey (smartsurvey.co.uk)Victim (individual) Contact Survey (smartsurvey.co.uk)Victim (individual) Contact Survey (smartsurvey.co.uk)

Cyber Protect Presentations

  • If you are attending an expo or staffing a stand and need back ground wall paper for screens, a show is available here which loops automatically

After a Cyber Protect presentation

  • After a cyber interaction, a smart engagement survey must be sent for feedback of which there are specific force and audience codes set by Team Cyber Protect UK. Use the website link for your force as below as this will capture survey responses while directing and providing people to the follow-up advice that you just delivered and promised them.

Individuals Survey

  • To be used during engagements with individuals
SEROCUHampshireSussex & SurreyThames Valley
https://serocu.police.uk/talk/General awareness (Individuals) Engagement Survey (smartsurvey.co.uk)General awareness (Individuals) Engagement Survey (smartsurvey.co.uk)General awareness (Individuals) Engagement Survey (smartsurvey.co.uk)

Business Survey

  • To be used during engagements with businesses. These surveys cover additional questions to the General (Public / Staff) survey, including policies, incident response and CiSP and Cyber Essentials. The survey aims to cover different business engagement activities such as presentations, table top exercises and incident response scenarios.
SEROCUHampshire Sussex & SurreyThames Valley
https://serocu.police.uk/presentation/Business Engagement Survey (smartsurvey.co.uk)Business Engagement Survey (smartsurvey.co.uk)Business Engagement Survey (smartsurvey.co.uk)

Police / Staff Engagement Survey

  • To be provided to officers and staff after any internal training / formal briefings. This will help identify awareness and confidence to talking about and signposting individuals and business towards core protect messaging if required.
SEROCUHampshireSussex & SurreyThames Valley
https://serocu.police.uk/police-presentation/Police staff/officer Survey (smartsurvey.co.uk)Police staff/officer Survey (smartsurvey.co.uk)Police staff/officer Survey (smartsurvey.co.uk)
  • Remember to update your KPI spreadsheet (where, when and how many people engaged with) as this data is needed quarterly for the Home Office, NCA and Action Fraud

Vulnerability Notifications

  • Often we receive notifications from NCSC, NCA and NFIB and quit rightly resistance is experienced from organisations challenging our authenticity. To assist in the delivery of these https://serocu.police.uk/notifications/ has been created for those organisations to see listed on a trusted police domain what the role of a Cyber Protect Officer is
  • Please use this page to assist in the delivery of those actions

PREVENT / CYBER CHOICES


If you have any difficulties we are available at: CyberProtect@serocu.police.uk

Page last reviewed 05/12/2022