#1 The history of the National Cyber Security Centre
The UK's first cybersecurity strategy was launched in 2009 and outlined that whatever the shape of the cybersecurity mission, it made no sense to silo it away from other aspects of national security. To be effective, it had to be able to take advantage of high-grade intelligence and other security capabilities. The strategy outlined how the country needed to invest more in getting the public and private partnership really working. It confirmed the need to set even clearer lines of accountability when cyber incidents happened.
In 2015, the UK government took that learning and turned it into a five-year National Cyber Security Strategy. It brought new thinking to the management of cyber incidents, led to the creation of the Active Cyber Defence programme, and set the conditions for a different partnership with the private sector. Of course, much of this was given a new home in the National Cyber Security Centre (NCSC), which itself, was to be part of the Government Communications Headquarters (GCHQ).
In October 2016, the UK’s Communications Electronic Security Group (CESG), which was the government’s National Technical Authority for Information Assurance, and part of GCHQ, was merged with elements of the Centre for Protection of National Infrastructure (CPNI) into one single entity called the National Cyber Security Centre (NCSC).
#2 What does the NCSC do?
The NCSC is in essence the public front end for GCHQ and provides a single point of contact for small and medium enterprises (SMEs), larger organisations, government agencies, the general public and government departments. It works collaboratively with other law enforcement, defence, the UK’s intelligence and security agencies and international partners to support the most critical organisations in the UK as well as the wider public sector, industry, and of course the public.
When incidents do occur, the NCSC provides incident response guidance to minimise harm, and help with recovery, as well as learn lessons for the future. Where threats are developing, the NCSC provides advice and guidelines as to how to mitigate many of those anticipated risks.
#3 The NCSC’s location and approach
The philosophy for how the NCSC operates when it was set up was given by the then minister in the UK Government responsible for the Cabinet Office, Ben Gummer. In his opening address he said: "London leads the world in so many ways already, it is only right that we establish the country's first Cyber Security Centre in the heart of the capital as Britain continues to lead in tackling this global issue. Whilst retaining access to the world leading capabilities, partnerships and people of the intelligence community, this new centre will have an ‘open-door’ policy which will make it easier for businesses of all sizes to get the best support available for cyber issue." The NCSC is based in Victoria in London.
#4 What is the NCSC concentrating on now?
Much has developed since 2016, and the UK Government has launched its 2022- 2030 Cyber Security Strategy “Building a cyber resilient public sector”, where the focus is firmly on the Public sector. According to The Honourable Steve Barclay MP, the Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office, “Government organisations are routinely and relentlessly targeted: of the 777 incidents managed by the National Cyber Security Centre between September 2020 and August 2021, around 40% were aimed at the public sector. This upward trend shows no signs of abating.”
The work of the NCSC is big business. £37.8 million of funding is being invested to tackle the cybersecurity challenges facing local councils to protect vital services and data, alongside targeted investment in the most critical government departments, with £2.6 billion being invested in cyber and legacy IT. The cry for how this will be done, is by building greater cyber resilience across all government organisations and working together to ‘defend as one’ – exerting a defensive force greater than the sum of our parts.
In addition to the roles it has been filling since its launch, the NCSC’s part in this is producing and rolling out Active Cyber Defence products and provided trusted, specialist services, such as the Cyber Gap Analysis assessments and reports, as well as access to expert cyber consultancy.
#5 Where do I find out more?
The best thing about the NCSC is all of its advice is readily accessible, targeted for different industries, and is free on the NCSC website. There is also an online incident reporting page which is monitored 24/7, and advice is usually provided very quickly. The page also helps users understand what else they may need to do to meet data protection regulations, such as GDPR. Finally and one of the most useful pages for all security professionals is the one that contains the weekly threat reports.
About the Author: Philip Ingram MBE is a former colonel in British military intelligence and is now a journalist and international commentator on all matters security and cyber.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.