kirill_makarov - Fotolia

National Cyber Security Centre officially opens for business

The NCSC is at the forefront of the UK’s defence against cyber threats to critical national infrastructure and the digital economy

The Queen will today officially open the National Cyber Security Centre (NCSC), a single, central body for cyber security at a national level. The NCSC is core to the government’s National Cyber Security Strategy, which was unveiled on 1 October 2016.

At the time, Chancellor of the Exchequer Philip Hammond said: “The new National Cyber Security Centre will provide a hub of world-class, user-friendly expertise for businesses and individuals, as well as rapid response to major incidents.”

Hammond said the government’s 2015 Strategic Defence and Security Review classified cyber as a Tier One threat to the UK, and outlined the actions the government needed to take to secure the country.

“Government must take a more active cyber defence approach – supporting industry’s use of automated defence techniques to block, disrupt and neutralise malicious activity before it reaches the user,” he said. “The public has much to gain from active cyber defence and, with the proper safeguards in place to protect privacy, these measures have the potential to be transformational in ensuring that UK internet users are secure by default.”

According to the National Cyber Security 2016-2021 report, NCSC’s role will be to manage national cyber incidents, provide an authoritative voice and centre of expertise on cyber security, and deliver tailored support and advice to government departments, the devolved administrations, regulators and businesses.

“The NCSC will analyse, detect and understand cyber threats, and will also provide its cyber security expertise to support the government’s efforts to foster innovation, support a thriving cyber security industry, and stimulate the development of cyber security skills,” the report said.

Read more about cyber threats

  • Public Accounts Committee sets out six recommendations for the Cabinet Office to address shortcomings in protecting government data as UK defence secretary expresses concern over Russian cyber activity.
  • Speaking at the Microsoft Future Decoded event in London, the Chancellor revealed how Britain would take an offensive stance to protect infrastructure.

But a recent Public Accounts Committee report noted: “The breadth of the NCSC’s role is considerable and it is still unclear which organisations from across the public and private sectors can call on the NCSC for assistance.”

In November, at a speech during Microsoft’s Future Decoded event in London, NCSC technical director Ian Levy called for the IT industry to focus on systemic root-cause management instead of blaming the user.

Levy called on the cyber security industry to stop trying to force users to use increasingly complex passwords and start becoming more of a data-driven discipline.

Read more on IT governance