UK government details plans for National Cyber Security Centre

Centre of cyber expertise

The government plans to make the NCSC the centre of its expertise on what is happening in cyber space, combining the knowledge gathered from incidents and intelligence with that shared with industry, academia and international partners.

The NCSC will aim to use that knowledge to provide best practice advice and guidance and to tackle systemic vulnerabilities to enhance cyber security for all.

The NCSC will support the most critical organisations in the UK across government and the private sector to secure and defend their networks. This will include the provision of bespoke advice and guidance, help to design and test networks and exercise response arrangements.

When a serious cyber incident occurs, the NCSC will work with victims to minimise the damage, help with recovery and learn lessons to reduce the chance of recurrence and minimise future impact.

According to the prospectus, this help will include connecting victims with commercial companies that are recognised as being excellent at cyber incident response, and ensuring that the wider response of government and law enforcement is well co-ordinated.

In the case of very serious incidents, the NCSC’s response may include communicating publicly about consequences and the steps people and businesses should take to protect themselves.

The establishment of the NCSC will bring a new level of coherence and effectiveness to how government does cyber security. It seeks to partner with government agencies and departments, the devolved administrations, and the wider public and private sectors.

The NCSC will also work in close partnership with law enforcement to support their efforts to tackle cyber crime, and with the UK’s security and intelligence agencies and the Ministry of Defence to identify and counter the full range of threats in cyber space.

The NCSC will support the government’s wider security and prosperity agenda by engaging with international partners on incident handling, situational awareness, building technical capabilities and capacity and contributing to broader cyber security discussions.

Tailored security device

For organisations that have their own networks, the NCSC will run the cyber security information sharing partnership (CiSP). This is aimed at enabling organisations to share information with each other and the NCSC about what they are seeing on their networks, and provide a forum for discussion from beginner through to expert level.

The NCSC will produce tailored advice and guidance to identified sectors and proactively work with companies on this. However, it will initially focus on sectors which form the critical national infrastructure and those of strategic or significant economic importance or tied to the delivery of key public services.

The NCSC will not offer an enquiries line for the general public and Action Fraud will continue to be the first port of call for victims to report suspected cyber crime.

However, when there is a significant cyber incident affecting the UK, the NCSC will have the leading role for government in communicating to the public, to provide reassurance and guidance on what individuals and organisations can do to better protect themselves.

The NCSC’s specialist teams will work with the Ministry of Defence – and other users of very secure communications – to ensure that operational needs are met. It will also ensure the capabilities needed to operate both independently and with the UK’s allies are available in the future.

The NCSC will work with the cyber security industry to help ensure organisations of all kinds can find cyber security products and services that are high quality and meet their needs.

Collaboration key to fighting cyber crime

Gordon Morrison, director of government relations at Intel Security, said the collaborative and open approach promised by the NCSC is critical for tackling the fight against cyber crime.

“We expect that the organisation’s openness will help create a greater climate of collaboration and conversation around this significant challenge affecting all aspects of the lives of British businesses and individuals’ digital lives.

“We look forward to working with the NCSC as it responds to cyber attacks on the UK and promotes a diverse and collaborative approach to cyber security to improve the country’s overall cyber health – between the private and public sector, and in the UK and internationally.”

John Smith, principal solution architect at code-checking firm Veracode, said it is essential that organisations gain a greater awareness around the threat of vulnerabilities and how best to approach them to remediate them.

“We expect the NCSC to stride forward in helping organisations understand this acute threat and the importance of incorporating proactive application security measures into their cyber security processes,” he said.

According to Veracode, cyber attacks at the application layer are growing by more than 25% annually, with exploited vulnerabilities frequently resulting in catastrophic data breaches, such as the TalkTalk breach achieved using an SQL injection attack.

“Too frequently organisations’ take a lacklustre approach to remediating these potentially grave vulnerabilities. In the retail and hospitability sectors, Veracode research found only 60% of application vulnerabilities identified were fixed,” said Smith.