Sergey Nivens - Fotolia

National Cyber Security Centre to be UK authority on information security

The UK’s National Cyber Security Centre (NCSC) is to be the UK's one-stop authority on infosec, based in London and led by GCHQ's Ciaran Martin

The UK’s National Cyber Security Centre (NCSC) – announced by chancellor George Osborne in November 2015 – will focus on the financial sector as a top priority.

One of the NCSC’s first tasks will be to work with the Bank of England to produce advice for the financial sector for managing cyber security effectively, the government announced.

“This important work with the Bank of England is paramount to ensuring that businesses of all shapes and sizes understand the threats and what they can do to mitigate them,” said Matthew Hancock, minister for the Cabinet Office.

“We’ll do this by informing the entire business community and public sector about emerging threats, providing support when attacks happen and educating everyone on how best to stay safe online,” he said.

The NCSC one-stop-shop was announced as part of the government’s National Cyber Security plan for the next five years, supported with £1.9bn funding.

The last five-year plan failed to deliver the return on investment that the government had hoped, Alex Dewdney, director of cyber security at CESG, told RSA Conference 2016 in San Francisco.

“We are starting to think about the extent to which government needs to be more interventionist and active in how it takes on some of these [cyber security] challenges – still with industry, but doing more than providing threat information and expecting companies to deal with it,” he said.

Hancock said that forming a body devoted to cyber security and bringing together the UK’s cyber expertise will “transform the UK’s approach” to tackling cyber security issues.

Read more about cyber security

  • Government has announced a £250,000 programme to increase the rate of cyber security startup development in the UK.
  • An essential part of information security is identifying and managing the risks, experts tell the European Information Security Summit 2016.
  • Chancellor George Osborne promises a £1.9bn investment in cyber security over the next five years and to “aggressively defend” public services from cyber attacks.

The shape of GCHQ's involvement

Announcing plans for the NCSC, Osborne said it will host a “cyber force” ready to handle cyber incidents in the UK and ensure “faster and more effective responses to major attacks”.

He also said the centre will be a unified source of advice and support for the economy, replacing the current array of bodies with a single point of contact.

The NCSC – which is set to open in October 2016 – is to be based in London and will be led by Ciaran Martin, currently director general of government and industry cyber security at GCHQ.

He is responsible for shaping and directing GCHQ’s engagement with government, industry and academia on cyber security and information risk.

Martin also develops and sustains GCHQ’s international engagement for information assurance.

Ian Levy, currently technical director of cyber security at GCHQ will also join NCSC in the role of technical director.

Focusing on the online threat

In setting up the NCSC, the government said it will adopt “structured consultation” with the private sector to raise awareness of government intent, to undertake “genuine dialogue” that shapes service delivery, to demonstrate serious commitment to listen, and to develop “sustainable engagement channels”.

Robert Hannigan, director of GCHQ, said that – given the industrial-scale theft of intellectual property from UK companies and universities – the NCSC shows that the UK is focusing its efforts to combat the threats online.

“Ciaran will be an excellent chief executive who will ensure that the NCSC will continue the outstanding work done by all of the existing organisations to protect national security and our economic success,” he said.

Read more on Hackers and cybercrime prevention

Data Center
Data Management