bizvector -

NCSC invites security pros to join the big leagues

The NCSC is inviting security pros from across the UK to sign up to work with its experts on an intelligence-sharing initiative

The UK’s National Cyber Security Centre (NCSC) has launched Cyber League, an initiative through which it hopes to bring together a trusted community of security experts drawn from its own ranks and the wider industry, to work together on tackling the most urgent cyber threats facing the country.

The group will see a diverse group of experts collaborate to apply their own unique knowledge and understanding to the threat picture as they participate in a range of engagements, from discussion groups to analytic workshops.

“Cyber defence is a giant, complex and ever-changing puzzle, with critical knowledge, skills and innovation spread widely across industry and government,” said NCSC operations director Paul Chichester. “Only through working together can we achieve our collective aim of making the UK the safest place to live and work online.”

Organisations that wish to take part in the Cyber League will have to form part of the cyber security or threat intelligence industry, and be able to demonstrate a “substantial” connection to the UK. Up to three volunteers from each organisation will be admitted to the League, providing they have the relevant security experience and knowledge.

The NCSC said the Cyber League would complement its existing Industry 100 (i100) secondment initiative, but is designed to be of value to those who may not be able to commit the time this programme requires, but still have experience and knowledge to share.

Raj Samani, senior vice-president and chief scientist at Rapid7, characterised the initiative as a positive step for the UK cyber security industry. “With the current asymmetry of information among criminal threat groups and the cyber security industry, it’s great to see the NCSC taking proactive steps to promote the sharing of skills and information through the Cyber League initiative,” he said.

“We currently get bogged down too much in speculation about vulnerabilities and threats,” said Samani. “We need to take on a new path and put more value into the open sharing of threat indicators to benefit the mitigation of future incidents. This new Cyber League will act as a great place to boost context-driven threat hunting and innovate how we tackle the rising problem of cyber security.”

Collaboration an enabler

Under its outgoing CEO, Lindy Cameron – who recently announced her intention to step down from the role – the NCSC has centred collaboration between its in-house and GCHQ-backed expertise and the wider industry to help it meet the government’s goals around cyber security.

Writing earlier this week, the organisation’s new chief technology officer, Ollie Whitehouse, said that moving forward, he would prioritise pursuing a clearer, evidence-based understanding of UK plc’s collective weaknesses, seeking more objective understanding of how efficient resilience-building efforts across technology, products, services, people, processes and systems really are.

“We must ensure that the UK, our international partners and supply chains are prepared for material cyber events,” he wrote.

“We continue to operate in a world of greater competition, instability and contention than we have in over 30 years; a time before which cyber was material,” said Whitehouse. “As such, we need to go beyond the excellent work already in place … and prepare for when the big cyber event hits organisations, the UK, and the globe.

“Our adversaries, criminal and otherwise, are more aggressive and technically able than ever before, and show no sign of slowing down,” he added. “We need to prepare for ‘when’ and not ‘if’.”

Referencing predecessor Ian Levy’s Hitchhiker’s guide to the galaxy fandom, Whitehouse concluded: “I am glad I brought my towel.”

Read more about the NCSC’s work

  • The NCSC and its US counterpart CISA have brought together tech companies and governments to countersign a new set of guidelines aimed at promoting a secure-by-design culture in AI development.
  • The NCSC has firmly attributed a long-running campaign of cyber attacks targeting UK political processes to a group run out of Russia’s FSB intelligence agency, known as Star Blizzard.
  • Ahead of the annual festival of retail avarice, the NCSC is once again asking consumers to do the bare minimum to avoid falling victim to scams.

Read more on Security policy and user awareness

Data Center
Data Management