NCSC CEO Lindy Cameron to step down in 2024

NCSC chief exec Lindy Cameron, who helped lead and elevate the national dialogue on cyber security through major events such as Covid-19, SolarWinds Sunburst and Colonial Pipeline, is to step down in the New Year

The UK’s National Cyber Security Centre (NCSC) has announced it is to part ways with its popular CEO, Lindy Cameron, in early 2024, and has begun the search for her successor.

The NCSC’s second leader to hail from Northern Ireland, and only its second leader ever, Cameron joined the NCSC in 2020 in the midst of the gravest public health crisis in UK history, after stints in the Northern Ireland Office, the Department for International Development, the Foreign Office and the Cabinet Office.  

“Lindy Cameron, chief executive of the NCSC, will leave the organisation in early 2024 to take up a diplomatic posting overseas,” said an NCSC spokesperson.

“During her three-and-a-half-year tenure, the NCSC has responded to a wide range of cyber security challenges including managing the cyber security impacts of Russia’s illegal invasion of Ukraine; the evolution of the threat from ransomware; and the emergence of state-aligned actors as a significant cyber threat to the UK’s critical national infrastructure.

“We are very grateful for her leadership…and wish her all the best in her next role.”

Her replacement, who is yet to be identified, will take charge of setting the NCSC’s strategic direction for the “next stage” of its evolution, and like their predecessors will be instrumental in shaping, delivering and communicating the UK’s national response to cyber security.

Besides working alongside the highest levels of government, and with the UK’s international intelligence partners, the role of NCSC chief executive is also a communications role, with the holder expected to act as a media spokesperson and translate often complex technological jargon into terms the public can understand. They will also be tasked with driving the never-ending quest for cyber security skills and talent, and diversity and inclusion within the sector.

Shaping the cyber debate

In an interview in 2022, shortly after she was named as the Computer Weekly UKtech50 Most Influential Person in UK IT, Cameron admitted to a “slightly unhealthy” interest in conflict and crisis, as she reflected on the career that brought her to the NCSC.

“The unifying theme above all has been crisis leadership,” she says. “A lot of my international development career was focused on understanding conflicts and crises and leading through them.”

Besides the fallout from the Covid-19 pandemic, Cameron’s time at the NCSC saw cyber security grow from a somewhat niche topic to a matter of significant public interest, driven by high-impact incidents such as the SolarWinds Sunburst compromises, the disruptive attack on Colonial Pipeline, and more recently, the birth pangs of artificial intelligence (AI) – all events that she was able to use to drive new thinking around making the UK the safest place in the world to live and work online.

“I think in some ways you have to take advantage of the fact that people want to have that conversation and use it to try to shape the debate…I think getting that conversation going really matters,” she said.

Acknowledging that cyber security is as much – if not more of – a human issue as it is a technological one, Cameron also spent a great deal of time refining the NCSC’s involvement in skills development and diversity through programmes such as CyberFirst Girls, and saw one of her biggest priorities as leaving the UK’s cyber skills landscape in better shape than she found it so that, in 10 years’ time, a future NCSC leader can look back and know that the organisation did the right thing when it counted.

Read more about the NCSC's work

  • The NCSC and its US counterpart CISA have brought together tech companies and governments to countersign a new set of guidelines aimed at promoting a secure-by-design culture in AI development.
  • The NCSC has firmly attributed a long-running campaign of cyber attacks targeting UK political processes to a group run out of Russia’s FSB intelligence agency, known as Star Blizzard.
  • Ahead of the annual festival of retail avarice, the NCSC is once again asking consumers to do the bare minimum to avoid falling victim to scams.

Read more on Security policy and user awareness

Data Center
Data Management