NCSC looks back on year of ‘profound change’ for cyber

The UK’s National Cyber Security Centre (NCSC) provided support for 18 nationally significant ransomware attacks; removed 2.1 million cyber-enabled commodity campaigns; issued 34 million early warning alerts about attacks, compromises, vulnerabilities or open ports; and received 6.5 million reports of suspicious emails in the past 12 months – but in a year of “profound change” in the cyber security landscape, it was Russia’s invasion of Ukraine that dominated the agenda.

Reflecting on the past 12 months as she launched the NCSC’s latest annual report on 1 November at an event in London, NCSC CEO Lindy Cameron said that the return of war to Europe with Russia’s invasion of Ukraine presented a unique set of challenges in cyber space for the NCSC and its partners and allies.

“We have been part of a huge effort to ensure UK organisations, critical infrastructure and the whole of society are as resilient as they can be,” said Cameron.

“As well as keeping the UK safe, I am proud of the role the NCSC played, in conjunction with FCDO [the Foreign, Commonwealth and Development Office], in supporting the Ukrainian authorities’ staunch cyber defence in the face of Russian hostility.

“These efforts were shown to have been critical in protecting the Ukrainians against Russian cyber attacks and raising their general cyber resilience,” she said.

Cameron added that while the cyber threat from Russia has perhaps been the most visible security issue of 2022, it was also important not to forget that when it comes to nation-state actors, it will likely be the technical development and evolution of China that ultimately has the more lasting impact on the UK’s national cyber security.

Closer to home, the NCSC’s mission in the past year has been tightly aligned with the government’s new National Cyber Strategy, which advocates a “whole-of-society” approach to security. Much of its quotidian work has centred on building resilience not just among businesses and public sector bodies, but among the general public too – the success of the NCSC’s ongoing Cyber Aware campaign to change citizen behaviour when it comes to personal email security is just one high-profile example of this.

Meanwhile, at the organisational level, the NCSC’s Cyber Essentials programme saw strong adoption this year, with a 15% rise in certifications and a 15% rise in the number of organisations attaining its enhanced ‘Plus’ status. There are now more than 300 cyber security companies licensed as certification bodies for Cyber Essentials, and statistics suggest that Cyber Essentials-certified SMEs are 60% less likely to need to make a cyber insurance claim should they experience an incident.

The Active Cyber Defence programme also saw strong uptake in 2022, with a 23% increase in organisations using its Protective Domain Name Service (PDNS) to stop users accessing malicious domains or IP addresses; a 42% increase in those using the Mail Check email security service; 42% growth in users of the Exercise In A Box toolkit; and a 90% increase in sign-ups to the Early Warning service.

But beyond simply protecting the UK from threats, the NCSC’s remit extends to shepherding cyber innovation and regulation and nurturing the UK’s security community and industry.

In the first instance, 2022 proved to be another busy year, with work being done on the development and delivery of a tool to discover new mobile network vulnerabilities, and the joint development of a National Telecoms Signal Monitoring Service to improve understanding of threats and defences.

The NCSC also supported the development of the UK’s Electronic Communications (Security Measures) and related draft Code of Practice, the Product Security and Telecommunications Infrastructure Bill, and published frequent new guidance covering issues such as cloud, device security, artificial intelligence and zero trust.

In terms of support for the sector, the NCSC continued its successful CyberFirst activities, challenges and competitions for young people. This year saw 7,000 girls participate in the CyberFirst Girls competition, while 85 students (42% female and 23% from BAME backgrounds) join its CyberFirst bursary. Additionally, eight more schools and colleges received CyberFirst status recognising excellence in security education, and there are also growing numbers of cyber-related under- and postgraduate courses around the country, with 13 universities officially recognised for offering “first rate” security education.

Beyond education, growing numbers of startups continue to emerge from the NCSC for Startups programme, with members of the various cohorts now numbering 62, employing more than 1,200 people and attracting £422m in investment, up from £100m last year. The NCSC also continued its close work with the UK Cyber Security Council on professional development, standards and certifications.

At least in part due to its efforts, the Department for Digital, Culture, Media and Sport (DCMS) estimates the UK’s security industry to have grown in value by 13.4% this year to £10.1bn, with 1,838 active cyber companies providing 52,000 jobs and attracting over £1bn in inward investment.