Helping member organisations monitor and report the malicious activity they face from the Internet

Updated: Jul 27



What is Police CyberAlarm?

As a member, Police CyberAlarm is a free tool to help you understand and monitor malicious cyber activity against your network. This service is made up of two parts: monitoring and vulnerability scanning.


Police CyberAlarm will detect and provide regular reports of suspicious cyber activity, enabling your business or What is Police CyberAlarm? organisation to identify and take steps to minimise your vulnerabilities.


The data collected by the system only contains summary information (meta data and header information) about communications your business or organisation receives from the internet. The system is designed to protect personal data, trade secrets and intellectual property.


How Does Police CyberAlarm Work?

As a member, Police CyberAlarm is a free tool to help you understand and monitor malicious cyber activity against your network. This service is made up of two parts: monitoring and vulnerability scanning. Police CyberAlarm will detect and provide regular reports of suspicious cyber activity, enabling your business or organisation to identify and take steps to minimise your vulnerabilities. The data collected by the system only contains summary information (meta data and header information) about communications your business or organisation receives from the internet. The system is designed to protect personal data, trade secrets and intellectual property. Once you become a Police CyberAlarm member you install a virtual or physical ‘Police CyberAlarm Collector’ on your network, which will be used to collect and process traffic logs to enable the identification of suspicious and malicious activity from your firewall/internet gateway, Network Intrusion Detection/Prevention system (IDS/IPS), Network Anti-Virus and Anti-Spam filters. Police CyberAlarm is a monitoring system and does not interfere with normal network operations. There are two ways to install the data collector, and both are easy to do.


What information does Police CyberAlarm collect and how is it used once collected?

The Police CyberAlarm Data Collector installed on your site first identifies suspicious data and by doing so automatically filters out any internal traffic and data from known trusted sources.


The remaining data is then encrypted and transmitted to the Police CyberAlarm servers where it is collated, verified, analysed and shared between police forces allowing them to identify new trends, patterns, and cyber-attacks.


It is also then possible to identify whether there are repeated trends or patterns on particular services, products, or devices. This information can be used to inform advice and guidance to member organisations and others, as well as to enable the police to take enforcement action.


Each member organisation will benefit from their own report which will include the identification of the new trends and attacks allowing them to better defend themselves against such attacks.


What are the benefits to my business?

Police CyberAlarm benefits both member organisations and UK Policing.


Members benefit from regular intelligence reporting, through their ‘Member Summary Threat Report’, summarising suspicious activity detected in the external traffic logs sent to their Police CyberAlarm collector.


In addition to this report, members who opt in for vulnerability scanning will also receive a ‘Vulnerability Assessment Report’. This report details any known potential vulnerabilities and the CVE codes for those vulnerabilities to help better protect the organisation.


Where do I sign up?

If you would like to become part of Police CyberAlarm or find out more about receiving regular security updates and reports to help you gain a better understanding of current threats, register at https://cyberalarm.police.uk.


Police CyberAlarm is a police system and all data collected is collected by the police and not the Cyber Resilience Centre.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.