NCSC names ex-NCC man as new CTO

New NCSC CTO Ollie Whitehouse joins from NCC Group, having also worked at BlackBerry and Symantec

The UK’s National Cyber Security Centre (NCSC) has named former NCC Group chief technology officer (CTO) Ollie Whitehouse as its CTO, in a newly created role that replaces in part that performed by the agency’s well-regarded technical director Ian Levy, who left the organisation earlier this year.

Whitehouse will be tasked with shaping and delivering the UK’s whole-of-society national cyber security mission, helping to combat the myriad threats facing the country at scale, and building collective resilience.

He will also play a key role in maintaining the NCSC’s role as the country’s National Technical Authority, help ensure the organisation remains at the forefront of digital developments, anticipating new threats as they arise, and will also help move the needle on some of the more pressing challenges facing the UK’s cyber security workforce, such as diversity and inclusion.

“We’re delighted that Ollie will be joining the NCSC as our new chief technology officer,” said NCSC CEO Lindy Cameron. “He will bring a wealth of knowledge and expertise to our mission to make the UK the safest place to live and work online, at a time when the pace of technological change has never been more evident.”

Whitehouse added: “I’m honoured to be starting as chief technology officer at the NCSC and look forward to supporting its world-class talent in their critical work keeping the UK safe online.

“Having worked closely with the NCSC since its inception, I know how crucial its mission is and I am eager to contribute to our national security by addressing the collective challenges we face in maintaining our edge in cyberspace.”

Whitehouse, who will officially take up the role towards the end of October 2023, is a 27-year veteran of the cyber security sector, and besides NCC, he has held senior roles in security research at both BlackBerry and Symantec.

He has also been influential in advisory roles to government, including serving as chair of the Department for Science, Innovation and Technology’s (DSIT’s) Cyber Technology External Advisory Group.

He has also been a key player in the ongoing CyberUP campaign to reform the Computer Misuse Act (CMA) of 1990 to provide legal cover to cyber security professionals who fear they may end up being prosecuted under the outdated laws simply for doing their jobs, frequently speaking out on the need for the rules to change.

Read more about the NCSC’s work

  • The UK’s NCSC says it sees alarming potential for so-called prompt injection attacks driven by the large language models that power AI chatbots.
  • The NCSC has added a level to its CIR programme to enable more cyber attack victims to take advantage of the service, which offers access to assured incident response specialists.
  • Although its activity volumes have been lower of late, LockBit is still a highly dangerous ransomware gang and is now the subject of a new international cyber advisory.

Read more on Security policy and user awareness

Data Center
Data Management