This page is for Serocu, Surrey, Sussex, Hampshire and Thames Valley Police Force’s Cyber Protect, Prevent, Prepare and Pursue staff to access shared resources and up to date guidance.


  • If you dealing with an investigation, we have created a page that allows files to be shared with SEROCU staff in a secure fashion over TLS. The cyber crime unit inbox will be notified as soon as the file is uploaded. You will need to arrange for it to be transferred away from the web server as soon as possible.
  • Files can only be uploaded one at a time with a maximum file size for a single file of 127MB. Instructions for the sender are available here


Memberships Groups

Action Fraud / NFIB / Victim Call Backs

  • When you make contact with a cyber crime victim and problem solve their original complaint, you need to cover additional topics which are part of the national campaign for making individuals and organisations safer.
  • Speak with the SPOC on the Action Fraud crime report, but if there is no contact, ask for the Chief Information Security Officer (CISO), Chief Technical Officer (CTO) or member of the Senior Leadership Team (SLT). You need to speak with a decision maker, as part of your role is to influence a cyber change in that organisation.

Current target is to influence a behavioural change in 75% of the people you speak with

  • Before the call, familiarise yourself the topics below which can also be found on, ensuring the individual has an understanding of it:
    • Using strong, separate passwords for email accounts
    • Installing the latest software and app updates
    • Where available, use two-factor authentication on your accounts
    • Always backing up your most important data
    • Never automatically click on links or attachments
    • Always question unsolicited approaches for personal and financial information
    • Avoid using public Wi-Fi when transferring sensitive information, such a payment details

Cyber Crime Reporting

  • Reporting Cyber crime can be completed online and the public need to be made aware of the new Action Fraud portal
  • Sign post people to where they can see a video showing them how they create an account or report cyber intelligence

Cyber Essentials Scheme

  • Encourage the organisation to apply for the Cyber Essentials Scheme if they are not already certified.
  • Advise the organisation they should implement this into their Service Level Agreements (SLAs) up and down their supply chain
  • Cyber needs to be on their risk register to enable business continuity


Future training and crime prevention assistance

  • If you feel the company may benefit from a Cyber Protect presentation, sign post them to where they can choose suitable free training. All forces can deliver this free training including national contacts details
  • Encourage the HR or IT teams for their workforce to visit where they can work through some helpful cyber safety messaging. This resource is on an external webpage and staff will be able to access all content anywhere


  • We are starting to gather a pool of Cyber volunteers to assist in technical advice and solutions. Access to them can be obtained through your supervisor via CISP.
  • If you speak with someone who is a specialist in their field, we are always looking for volunteers. Speak with the protect supervisor about the latest process where we can sign up experts as cyber specials or cyber volunteers that can assist us on demand
  • If the person you are speaking to sounds like a good character that may want to be a role model for some of our cyber prevent / choices subjects, inform the cyber choices team.

After the Action Fraud / NFIB / Victim Call Back

  • As of 1/6/19 a victim (individuals) survey will need to be sent to them for completion
SEROCUHampshireSussex & SurreyThames Valley
Victim (individual) Contact Survey 21/22 ( (individual) Contact Survey 21/22 ( (individual) Contact Survey 21/22 ( (individual) Contact Survey 21/22 (

Cyber Protect Presentations

  • Attached is a copy of a cyber protect presentation. The hyper links contained within the slides are the suggested videos to assist in the delivery of that presentation. You will need to download the relevant video and embed rather than relying on an internet signal for your presentation. Suggested video playlist
  • If you are attending an expo or staffing a stand and need back ground wall paper for screens, a show is available here which loops automatically

After a Cyber Protect presentation

  • After a cyber interaction, a smart engagement survey must be sent for feedback of which there are specific force and audience codes set by Team Cyber Protect UK. Use the SEROCU website link for your force as below as this will capture survey responses while directing and providing people to the follow-up advice that you just delivered and promised them.

Individuals Survey

  • To be used during engagements with individuals
SEROCUHampshireSussex & SurreyThames Valley awareness (Individuals) Engagement Survey 21/22 ( awareness (Individuals) Engagement Survey 21/22 ( awareness (Individuals) Engagement Survey 21/22 (

Business Survey

  • To be used during engagements with businesses. These surveys cover additional questions to the General (Public / Staff) survey, including policies, incident response and CiSP and Cyber Essentials. The survey aims to cover different business engagement activities such as presentations, table top exercises and incident response scenarios.
SEROCUHampshire Sussex & SurreyThames Valley Engagement Survey 21/22 ( Engagement Survey 21/22 ( Engagement Survey 21/22 (

Police / Staff Engagement Survey

  • To be provided to officers and staff after any internal training / formal briefings. This will help identify awareness and confidence to talking about and signposting individuals and business towards core protect messaging if required.
SEROCUHampshireSussex & SurreyThames Valley staff/officer Survey 21/22 ( staff/officer Survey 21/22 ( staff/officer Survey 21/22 (
  • Remember to update your KPI spreadsheet (where, when and how many people engaged with) as this data is needed quarterly for the Home Office, NCA and Action Fraud

Vulnerability Notifications

  • Often we receive notifications from NCSC, NCA and NFIB and quit rightly resistance is experienced from organisations challenging our authenticity. To assist in the delivery of these has been created for those organisations to see listed on a trusted police domain what the new roles of a cyber officer are.
  • Please use this page to assist in the delivery of those actions.


  • A page has been created for protect officers to save any resources which they require access to for referencing in press releases or signposting public to


Vulnerability Assessments

  • We are now offering public sector, small and medium-sized enterprises and charities a free vulnerability assessment. The following explanation of our service can be used with any communication with an organisation.
  • We would like to offer you the opportunity to receive a free IT health check from the police in the form of a vulnerability assessment.

Vulnerability Assessment                                                  

  • The South East Regional Organised Crime Unit is a Police unit responsible for delivering specialist and niche capabilities in the South East of the United Kingdom.  We have produced this crime prevention initiative which offers a free vulnerability assessment for selected small to medium sized companies and charities based in Thames Valley Police, Hampshire Constabulary, Surrey Police and Sussex Police areas.

What is the assessment?

  • The vulnerability assessment uses an industry recognised software package. It’s not a penetration test but a basic assessment of your network (i.e. internet facing systems like firewalls, mail servers, etc… not user workstations or internal systems) – it doesn’t give protection against complex or persistent attacks, but does give an overview of the network security weaknesses that could be exploited by criminals on the internet.  To obtain such a scan from the private sector could incur a cost. 

Why are we offering this service?

  • Cyber criminals are constantly scanning the internet looking for vulnerabilities. A large percentage of crimes occur when the attacker has found a well-known, easily exploitable vulnerability in an organisation’s network. If you believe your organisation may benefit from this prevention service, please get in touch and a member of the team will contact you to discuss the assessment in more detail.
  • These are all crimes which could have been prevented if the organisation had known about the vulnerability and taken the appropriate action. The aim of this service is to identify these common vulnerabilities before the criminals do. Falling victim to cyber crime can cause significant financial loss, reputational damage and emotional distress for those involved.

How will the assessment be conducted?

  • By providing some technical information to us, this assessment can be conducted, remotely – meaning nobody needs to be physically present on your premises and the assessment can occur at any time of the day.

What you will receive?

  • A report which outlines your vulnerabilities, not all of them, but its a good way of establishing if you have high risks, easy to exploit gaps, which attackers could use.  The report will help you understand where you need to start to improve your security and an assessment can help you comply with regulations and certifications such as Cyber Essentials, GDPR, ISO27001 and PCI Compliance.
  • Once the organisation completes the contract letter below, forward to SEROCU protect and a scan will be conducted.


  • For initial referrals email and one of the team will be in contact with advice.
  • If you deal with an educational organisation or concerned parent, please bear in mind is now available with help and advice for young people and lesson plans for teaching professionals.
  • We have created 3 feedback surveys so we can measure how effective our engagements are across all activities.  Please send the link below to the relevant audience …


  • For people who educate or manage potential subjects and have had direct engagement with a prevent officer upskilling their knowledge in this area


  • Someone who has experienced a generic cyber prevent message or attended an outreach event i.e. cyber champions experience


  • Someone who has had direct engagement with a prevent officer i.e. 121 referral; C&D; NOMS interaction

If you have any difficulties we are available at:

Page last reviewed 9/7/2020