National Cyber Security Centre (United Kingdom)

Last updated

National Cyber Security Centre (NCSC)
NCSC (UK) logo.png
Agency overview
Formed3 October 2016;8 years ago (3 October 2016)
Headquarters Victoria, London, England, United Kingdom
Employees>1,000 [1]
Annual budget£1.9 billion (National Cyber Security Strategy, 2016–2021) [1]
Agency executives
  • Richard Horne, Acting CEO
  • Felicity Oswald, Chief Operating Officer (COO)
  • Paul Chichester, Director of Operations
  • Chris Ensor, Deputy Director for Cyber Growth
  • Eleanor Fairford, Deputy Director for Incident Management
  • Marsha Quallo-Wright, Deputy Director – Delivery, Engineering and Crypt-Key
  • Jonathon Ellison, Director for National Resilience and Future Technology
  • Ollie Whitehouse, Chief Technical Officer
Parent agency Government Communications Headquarters
Website www.ncsc.gov.uk OOjs UI icon edit-ltr-progressive.svg

The National Cyber Security Centre (NCSC) is an organisation of the United Kingdom Government that provides advice and support for the public and private sector in how to avoid computer security threats. It is the UK's National technical authority for cyber threats and Information Assurance. Based in Victoria, London, it became operational in October 2016, and its parent organisation is GCHQ. [2]

Contents

History

The NCSC absorbed and replaced CESG (the information security arm of GCHQ), the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of the Centre for the Protection of National Infrastructure (CPNI). [3] It built on earlier efforts of these organisations and the Cabinet Office to provide guidance on Information Assurance to the UK's wider private sector, such as the "10 Steps" guidance released in January 2015. In pre-launch announcements, the UK government stated that the NCSC would first work with the Bank of England to advise financial institutions on how to bolster online defences. [4]

The centre was first announced in November 2015 by the Chancellor of the Exchequer, George Osborne. The existing Director General Cyber of GCHQ, Ciaran Martin, leads the new centre, and GCHQ's current Technical Director of Cyber Security, Dr Ian Levy, assumed the same role at the NCSC. [5] A detailed paper on the creation of the NCSC, including a description of its structure and future challenges, written by the then Director of GCHQ, Robert Hannigan, who is widely credited with establishing the centre, was published by the Royal United Services Institute in February 2019. [6]

The centre was dedicated by the Queen on 14 February 2017. [7] [8] [9] Philip Hammond, the Chancellor of the Exchequer, announced an investment of £1.9 billion and an initiative to embed 100 people from industry into the NCSC on secondment. [10] [11]

In April 2016, the Ministry of Defence announced that a Cyber Security Operations Centre (CSOC) "to protect the MOD's cyberspace from malicious actors" with a budget of over £40 million will contribute to this initiative. It is located at MoD Corsham. [12] [13]

In October 2017, technical director Ian Levy was targeted by email prankster James Linton with a fake industry event; however, Levy correctly identified the unexpected headers and worked with him to put out a security blog about the incident. [14] [15]

On 1 October 2020 Lindy Cameron, formerly director-general of the Northern Ireland Office, took over from Ciaran Martin as CEO. [16] [17] [18]

In December 2023, it was announced that Lindy Cameron would step down in early 2024. [19]

In July 2024, the Centre in collaboration with international partners, revealed a North Korean state-sponsored cyber espionage campaign, aimed at stealing military and nuclear secrets. The advisory highlighted the actions of the Andariel group, linked to the DPRK’s Reconnaissance General Bureau's 3rd Bureau, targeting critical infrastructure globally to steal sensitive information and intellectual property. NCSC’s Director of Operations, Paul Chichester, emphasized the significance of protecting such data. Andariel's focus was primarily on sectors like defense, aerospace, nuclear, and engineering, with some attention to the medical and energy sectors. They also launched ransomware attacks against US healthcare organizations to fund further espionage. The advisory included technical details and mitigation strategies, urging network defenders to implement robust protections. The advisory was jointly issued by multiple agencies, including the NCSC, FBI, CISA, NSA, and Korean counterparts. [20]

List of chief executives

  1. Ciaran Martin (3 October 2016 to 31 August 2020) [21]
  2. Lindy Cameron (1 October 2020 to present; was Acting CEO (1 September 2020 to 30 September 2020)) [22]

See also

Related Research Articles

<span class="mw-page-title-main">GCHQ</span> British signals intelligence agency

Government Communications Headquarters (GCHQ) is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the United Kingdom. Primarily based at "The Doughnut" in the suburbs of Cheltenham, GCHQ is the responsibility of the country's Secretary of State for Foreign and Commonwealth Affairs, but it is not a part of the Foreign Office and its director ranks as a Permanent Secretary.

<span class="mw-page-title-main">Australian Signals Directorate</span> Australian signals intelligence agency

The Australian Signals Directorate (ASD), formerly the Defence Signals Directorate, is a statutory agency of the Government of Australia responsible for signals intelligence, providing intelligence support to Australian military operations, conducting cyberwarfare and ensuring information security. The ASD is a part of the larger Australian Intelligence Community, and its role within the so-called Five Eyes intelligence-sharing alliance is to monitor signals intelligence in South and East Asia. The Australian Cyber Security Centre (ACSC) is an agency within the ASD.

<span class="mw-page-title-main">Communications Security Establishment</span> Canadian cryptologic agency

The Communications Security Establishment, formerly called the Communications Security Establishment Canada (CSEC), is the Government of Canada's national cryptologic agency. It is responsible for foreign signals intelligence (SIGINT) and communications security (COMSEC), protecting federal government electronic information and communication networks, and is the technical authority for cyber security and information assurance.

<span class="mw-page-title-main">National Protective Security Authority</span>

The National Protective Security Authority (NPSA) is the national technical authority in the United Kingdom for physical and personnel protective security, maintaining expertise in counter terrorism as well as state threats.

<span class="mw-page-title-main">Information Security Group</span> Academic information security group

Founded in 1990, the Information Security Group (ISG) is one of the oldest academic departments focusing on Information and Cyber Security. It is part of the Engineering, Physical Sciences and Mathematics School (EPMS) at Royal Holloway, University of London. It has around 25 established academic posts, 7 visiting Professors or Fellows and over 90 research students. The Founder Director of the ISG was the late Professor Fred Piper, and the current director is Professor Lizzie Coles-Kemp. Previous directors include Professors Peter Komisarczuk, Keith Martin, Keith Mayes, Chris Mitchell and Peter Wild.

<span class="mw-page-title-main">National Security Council (United Kingdom)</span> British government Cabinet committee

The National Security Council is a United Kingdom cabinet committee. The Council's terms of reference were said in September 2022 to include matters relating to national security, foreign policy, defence, trade, international relations, development, resilience and resource security. As of 2024, the meetings are held weekly.

<span class="mw-page-title-main">Robert Hannigan</span> British cybersecurity specialist

Robert Peter Hannigan CMG is a cybersecurity specialist who has been Warden of Wadham College, Oxford, since 2021. He was a senior British civil servant who previously served as the director of the signals intelligence and cryptography agency the Government Communications Headquarters (GCHQ) and established the UK's National Cyber Security Centre. His sudden resignation as director was announced on 23 January 2017, and he stepped down at the end of April 2017 to pursue a career in private sector cyber security, academia and as a security commentator. In 2021 he became Warden of Wadham College, Oxford.

The Chartered Institute of Information Security (CIISec), formerly the Institute of Information Security Professionals (IISP), is an independent, not-for-profit body governed by its members, with the principal objective of advancing the professionalism of information security practitioners and thereby the professionalism of the industry as a whole.

<span class="mw-page-title-main">IASME</span>

IASME Governance is an Information Assurance standard that is designed to be simple and affordable to help improve the cyber security of Small and medium-sized enterprises (SMEs).

The United Kingdom has a diverse cyber security community, interconnected in a complex network.

The Government of the United Kingdom maintains several intelligence agencies that deal with secret intelligence. These agencies are responsible for collecting, analysing and exploiting foreign and domestic intelligence, providing military intelligence, and performing espionage and counter-espionage. Their intelligence assessments contribute to the conduct of the foreign relations of the United Kingdom, maintaining the national security of the United Kingdom, military planning, public safety, and law enforcement in the United Kingdom. The four main agencies are the Secret Intelligence Service, the Security Service (MI5), the Government Communications Headquarters (GCHQ) and Defence Intelligence (DI). The agencies are organised under three government departments, the Foreign Office, the Home Office and the Ministry of Defence.

Cyber Essentials is a United Kingdom certification scheme designed to show an organisation has a minimum level of protection in cyber security through annual assessments to maintain certification.

<span class="mw-page-title-main">National Cyber Security Centre (Ireland)</span>

The National Cyber Security Centre (NCSC) is a government computer security organisation in Ireland, an operational arm of the Department of the Environment, Climate and Communications. The NCSC was developed in 2013 and formally established by the Irish government in July 2015. It is responsible for Ireland's cyber security, with a primary focus on securing government networks, protecting critical national infrastructure, and assisting businesses and citizens in protecting their own systems. The NCSC incorporates the Computer Security Incident Response Team (CSIRT-IE).

Sir Jeremy Ian Fleming was the Director of the Government Communications Headquarters, the UK's intelligence, cyber and security agency. He was appointed in 2017 and was the 16th person to hold the role. He left the post in May 2023.

<span class="mw-page-title-main">Ciaran Martin</span> British cybersecurity expert (born 1974)

Ciaran Liam Martin,, is a British professor and former CEO of the National Cyber Security Centre (NCSC). In September 2020 he was appointed Professor of Practice in the Management of Public Organisations at the Blavatnik School of Government, University of Oxford.

"CYBERUK 2018 Leadership Agenda"(PDF). Archived from the original(PDF) on 31 July 2018.

The National Cyber Force (NCF) is intended to consolidate offensive cyber activity in the United Kingdom, by enabling an offensive capability to combat security threats, hostile states, terror groups, extremism, hackers, disinformation and election interference.

<span class="mw-page-title-main">Richard Benham</span> Academic and author

Richard Benham is a pioneering figure in the field of Cyber Security, known for his contributions as an academic, innovator, entrepreneur, and best-selling author. He was the world's first formal Professor of Cyber Security Management at Coventry University in 2013 and now holds a visiting Chair at Abertay University in Cyber Innovation, Trust and Ethics.

<span class="mw-page-title-main">Lindy Cameron</span> British civil servant and diplomat

Lindy Cameron is a British civil servant and diplomat, serving from April 2024 as British High Commissioner to India. From 2020 to 2024 she was chief executive officer at the National Cyber Security Centre, and before that Director-General in the Northern Ireland Office and the Department for International Development.

On July 17th 2024, it was announced at the State Opening of Parliament that the Labour government will introduce the Cyber Security and Resilience Bill (CS&R). The proposed legislation is intended to update the existing Network and Information Security Regulations 2018, known as UK NIS. CS&R will strengthen the UK's cyber defences and resilience to hostile attacks thus ensuring that the infrastructure and critical services relied upon by UK companies are protected by addressing vulnerabilities, while ensuring the digital economy can deliver growth.

References

  1. 1 2 "Cyber security in the UK" (PDF). House of Commons. Committee of Public Accounts. 15 May 2019. Archived (PDF) from the original on 27 November 2020. Retrieved 1 August 2020.
  2. HM Government (1 November 2016). "National Cyber Security Strategy 2016-2021" (PDF). gov.uk. Archived (PDF) from the original on 1 November 2016. Retrieved 2 November 2016.
  3. "About us". National Cyber Security Centre. Archived from the original on 12 March 2017. Retrieved 9 March 2017.
  4. Corera, Gordon (18 March 2016). "Bank of England to work with new cybersecurity body". BBC News. Archived from the original on 31 December 2017. Retrieved 19 March 2016.
  5. Jones, Sam (18 March 2016). "UK launches National Cyber Security Centre". Financial Times. Archived from the original on 29 May 2016. Retrieved 19 March 2016.
  6. "Organising a Government for Cyber: The Creation of the UK's National Cyber Security Centre". RUSI. 27 February 2019. Archived from the original on 17 May 2019. Retrieved 17 March 2019.
  7. "National Cyber Security Centre: Queen opens new HQ as business warned it is unprepared for attacks". ITV News. 14 February 2017. Archived from the original on 19 September 2018. Retrieved 14 February 2017.
  8. "Cybersecurity: Queen opens centre to protect against attacks". BBC. 14 February 2017. Archived from the original on 20 June 2019. Retrieved 15 February 2017.
  9. "Director GCHQ speaks at the official opening of the National Cyber Security Centre | GCHQ Site". www.gchq.gov.uk. Archived from the original on 14 January 2018. Retrieved 17 March 2019.
  10. "Chancellor's speech at the National Cyber Security Centre opening". HM Treasury. 14 February 2017. Archived from the original on 10 March 2017. Retrieved 15 February 2017.
  11. "Britain to enter 'new era of online opportunity'". NCSC. 13 February 2017. Archived from the original on 5 October 2018. Retrieved 15 February 2017.
  12. "Defence Secretary announces £40m Cyber Security Operations Centre". Ministry of Defence. 1 April 2016. Archived from the original on 25 April 2019. Retrieved 2 April 2016.
  13. Hammick, Murray (30 October 2018). "The Budget and Defence". The Military Times. London. Archived from the original on 22 October 2019. Retrieved 7 May 2020.
  14. Levy, Ian (30 October 2017). "The serious side of pranking". Archived from the original on 6 April 2020. Retrieved 6 April 2020.
  15. Stokel-Walker, Chris (28 September 2017). "Revealed: The real identity of prankster king SINON_REBORN". Archived from the original on 6 April 2020. Retrieved 10 April 2020.
  16. Williams, Oscar (28 July 2020). "NIO's Lindy Cameron to succeed Ciaran Martin as NCSC CEO". New Statesman. Archived from the original on 29 July 2020. Retrieved 28 July 2020.
  17. Sheridan, Danielle (28 July 2020). "Ex-diplomat to be next cyber security CEO" . The Daily Telegraph. Archived from the original on 29 July 2020. Retrieved 28 July 2020.
  18. "NCSC announces Lindy Cameron as new CEO". www.ncsc.gov.uk. Archived from the original on 24 June 2021. Retrieved 26 August 2020.
  19. "NCSC CEO Lindy Cameron to step down in 2024 | Computer Weekly". ComputerWeekly.com. Retrieved 6 January 2024.
  20. Allison, George (30 July 2024). "UK and allies expose North Korean cyber campaign". UK Defence Journal. Retrieved 1 August 2024.
  21. "National Cyber Security Centre appoints Lindy Cameron as new CEO". Fire Safety Matters. 5 August 2020. Archived from the original on 12 September 2021. Retrieved 12 September 2021.
  22. "National Cyber Security Centre appoints new CEO". Security World Market. Archived from the original on 12 September 2021. Retrieved 12 September 2021.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.