#1 The history of the National Cyber Security Centre

The UK’s first cybersecurity strategy was launched in 2009 and outlined that whatever the shape of the cybersecurity mission, it made no sense to silo it away from other aspects of national security. To be effective, it had to be able to take advantage of high-grade intelligence and other security capabilities. The strategy outlined how the country needed to invest more in getting the public and private partnership really working. It confirmed the need to set even clearer lines of accountability when cyber incidents happened.

In 2015, the UK government took that learning and turned it into a five-year National Cyber Security Strategy. It brought new thinking to the management of cyber incidents, led to the creation of the Active Cyber Defence programme, and set the conditions for a different partnership with the private sector. Of course, much of this was given a new home in the National Cyber Security Centre (NCSC), which itself, was to be part of the Government Communications Headquarters (GCHQ).

In October 2016, the UK’s Communications Electronic Security Group (CESG), which was the government’s National Technical Authority for Information Assurance, and part of GCHQ, was merged with elements of the Centre for Protection of National Infrastructure (CPNI) into one single entity called the National Cyber Security Centre (NCSC).

#2 What does the NCSC do?

The NCSC is in essence the public front end for GCHQ and provides a single point of contact for small and medium enterprises (SMEs), larger organisations, government agencies, the general public and government departments. It works collaboratively with other law enforcement, defence, the UK’s intelligence and security agencies and international partners to support the most critical organisations in the UK as well as the wider public sector, industry, and of course the public.

When (Read more...)