WARPs (short for Warning, Advice, and Reporting Points) have been developed to provide a cost-effective method to support defence against attacks. Their purpose is to provide a specific community with the capability to share security-related information — both problems and solutions — and thereby to develop more secure and responsive environments.
The WARP operator uses a website, email, telephone, SMS, and occasional meetings (where possible) to send a personalised service of warnings and advice to the members. This will be mainly IT security advice (because there's so much of it, and it changes so rapidly), but can include other material (other threats, e-crime, contingency planning, etc.) as well.
- The operator also taps into the knowledge of the members themselves to help out other members using a bulletin board, meetings, etc.
- There will usually be between 20 and 100 members in each WARP, otherwise it can lose that personal touch, and they will belong to a community (small businesses, local government, service providers, interest groups, etc.).
- A WARP operator does not have to be a technical expert in IT security as their main role is to facilitate the exchange of security-related information within the WARP community. This would require good communication and management skills.
- A successful WARP will build up enough trust to encourage members to share details about their own incidents and problems, anonymously if need be, for the benefit of the rest.
- WARPs are run on a "not-for-profit" basis.
- WARP, "Background" (full-text).