Cyber Protect & Monitoring provides UK policing with round-the-clock monitoring of digital infrastructure to detect and respond to cyber threats.
How it works
The service is provided by the Police Digital Service’s (PDS) National Management Centre (NMC). The Protective Monitoring team operates a 24 hour/7 days a week service that analyses security event data, triages alerts, and escalates incidents with actionable recommendations. It aligns with the ‘Detect’ function of the NIST Cyber Security Framework.
Complementing this, the Cyber DevOps capability ensures the configuration and maintenance of the platforms that underpin cyber operations. It supports the deployment of monitoring tools, optimises data ingestion, and customises use cases to meet force-specific requirements, ensuring operational efficiency and resilience.
Benefits
- Early detection and rapid response to cyber threats.
- Centralised capability able to enrich alerting with threat intelligence and a policing focus.
- Strengthened operational resilience across policing.
|
|
|
|
Learn more about member benefits on our dedicated Members page.
What we need
- Access to system logs and telemetry data.
- Monitoring configuration and platform access.
- Named contacts for incident escalation.
What you get
- 24/7 monitoring and threat detection alerts.
- Incident reports with analysis and recommendations.
- Deployment of monitoring tools and custom use cases.
Use case
UK policing has onboarded to the NMC and benefits from Protective Monitoring services.
The system flagged unusual login patterns from foreign IP addresses across their cloud infrastructure, triggering an alert and incident report.
The team proactively suggested tailoring use case logic to improve detection accuracy enabling policing to investigate and contain a potential credential compromise swiftly, enhancing their cyber security posture.
