UK cyber security community

Last updated

The United Kingdom has a diverse cyber security community, interconnected in a complex network.

Contents

Although the terminology is currently largely aligned to a "cyber" view of the world, it is taken to still include information-related concerns, with previous predominant terminology including:

The significant constituents within that community are probably best understood by grouping into high level categories, namely:

Public sector bodies

Legislative

According to a parliamentary committee the UK government is not doing enough to protect the nation against cyber attack. [1]

Central government

National strategy

The UK Government periodically publishes a Cyber Security Strategy. [3]

Many of the stakeholders across all categories are engaged with that effort.

Capstone components

The overall responsibility for security within the UK rests with the National Security Council which is a cabinet committee chaired by the Prime Minister tasked with overseeing all issues related to national security, intelligence coordination, and defence strategy.

The internal protective security coordination role for UK government is led by the Government Chief Security Officer (GCSO) within the Cabinet Office, who since 2021 has been Vincent Devine. [4]

The central organisation supporting the GCSO is the Government Security Group (GSG), with a distributed Government Security Function / Government Security Profession across the departments and Arms Length Bodies (ALB), and three National Technical Authorities (NTA), all of which have a role in information and/or cyber security:

  • The National Technical Authority for Cyber Security (NTA-C) is the National Cyber Security Centre (NCSC) is the UK's authority on cyber security; its parent organisation is GCHQ. It absorbed and replaced CESG (the information security arm of GCHQ) as well as the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of the former Centre for the Protection of National Infrastructure (CPNI). NCSC provides advice and support for the public and private sector in how to avoid cyber threats. [5] CESG (originally Communications-Electronics Security Group) was a branch of GCHQ which worked to secure the communications and information systems of the government and critical parts of UK national infrastructure. The NPSA provided protective security advice to businesses and organisations across the national infrastructure.
  • The National Technical Authority for Protective Security (NTA-P) is the National Protective Security Authority (NPSA) is the successor organisation to CPNI, but retains some elements of information and cyber security that were not transferred to NCSC, including for Cyber Physical Systems (CPS), and for security containers, locks, and structures to protect assets
  • The National Technical Authority for Technical Security (NTA-T) is the UK National Technical Authority for Counter-Eavesdropping (UK NACE), which deals predominantly with countering technical surveillance

Coordination of activity across government is through a series of committees, both from within the world of security, [6] and in aligned domains such as the Chief Technology Officers (CTO), and Knowledge and Information Management (KIM).

Civilian components

The role of Lead Government Department (LGD) for Cyber Security is currently fulfilled by the Department for Science, Innovation, and Technology (DSIT), having previously rested with:

DSIT is responsible for supporting and promoting the UK cyber security sector, promoting cyber security research and innovation, and working with the National Cyber Security Centre to help ensure all UK organisations are secure online and resilient to cyber threats.

All other government departments and ALBs will have staff in the government security function / government security profession, supporting both their internal staff, and their client communities.

Former bodies in this category include:

Defence components

The Ministry of Defence has primacy for information and cyber security within both its civilian and military staffs (approximately 250,000 personnel), and for the Defence Supply Base (DSB - approximately 30,000 companies).

It has two main security organisations:

  • The Directorate of Security and Resilience (DSR), predominantly focused on physical and personnel security
  • The Directorate of Cyber Defence and Risk (CyDR), predominantly focused on information and cyber security

These organisation work collaboratively to publish not only the internal rules, but also Defence Standards and Industry Security Notices (ISN) [8]

In April 2016, the MOD announced the creation of the Cyber Security Operations Centre (CSOC) "to protect the MOD's cyberspace from malicious actors" with a budget of over £40 million. It is located at MoD Corsham. [9] [10]

MOD collaborates with the DSB over information and cyber security matters through a number of organisations, including:

  • Defence Cyber Protection Partnership (DCPP) [11]
  • Defence Industrial Security Association (DISA), [12] formerly the Guild of Security Controllers (GSC)
  • Team Defence Information (the current operating name for the UK Council for Electronic Business (UKCeB)), which is a not-for-profit, membership organisation whose mission is to transform secure information sharing for through life collaboration in defence acquisition and support. [13]

Former bodies in this category include:

  • DIPCOG, the Defence Infosec Product Co-Operation Group

National Cyber Force (NCF)

The National Cyber Force consolidates offensive cyber capabilities from the Ministry of Defence and GCHQ.

Law Enforcement

The National Crime Agency (NCA) hosts the law enforcement cyber crime unit, incorporating the Child Exploitation and Online Protection Centre.

Former bodies in this category include:

Wider Public Sector

The Wider Public Sector (WPS) covers both the Central Government and Law Enforcement categories that are itemised separately, but also elements such as:

Within the WPS, there are a number of collaborative bodies, including:

Former bodies in this category include:

Regulatory bodies

Two regulatory bodies have a specific cyber security related function:

Most other regulatory bodies will have staff covering information and cyber security function for both their internal staff, and their client communities.

Academia

Work in academia on information and cyber security can be delineated into research and teaching.

Academic Centres of Excellence in Cyber Security Research

NCSC has accredited several Academic Centres of Excellence in Cyber Security Research: [16]

Professional bodies

Industry groups

UK Cyber Clusters
Bristol and Bath Cyber
Bournemouth Cyber Cluster
Cambridge Cluster
East Midlands
London
Malvern Cluster
Norfolk Cyber Cluster
North East Cyber Cluster
North Wales
North West Cluster
N Somerset Cluster
Oxford
Scottish Cyber Cluster
Solent Cyber Cluster
South Wales
South West Cyber Cluster (Exeter)
Sussex Cluster
Thames Valley Cluster
West Midlands Cluster
Yorkshire Cluster

Cross-sector bodies

Current bodies that cover multiple sectors include:

Former bodies in this category include:

International Linkages

Many of these categories will provide linkages from the UK to other nations' activities in cyber security, including:

See also

Related Research Articles

<span class="mw-page-title-main">GCHQ</span> British signals intelligence agency

Government Communications Headquarters (GCHQ) is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the United Kingdom. Primarily based at "The Doughnut" in the suburbs of Cheltenham, GCHQ is the responsibility of the country's Secretary of State for Foreign and Commonwealth Affairs, but it is not a part of the Foreign Office and its Director ranks as a Permanent Secretary.

The Common Criteria for Information Technology Security Evaluation is an international standard for computer security certification. It is currently in version 3.1 revision 5.

Information security standards or cyber security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

<span class="mw-page-title-main">Federal Office for Information Security</span> German federal agency

The Federal Office for Information Security is the German upper-level federal agency in charge of managing computer and communication security for the German government. Its areas of expertise and responsibility include the security of computer applications, critical infrastructure protection, Internet security, cryptography, counter eavesdropping, certification of security products and the accreditation of security test laboratories. It is located in Bonn and as of 2024 has about 1,700 employees. Its current president, since 1 July 2023, is former business executive Claudia Plattner, who took over the presidency from Arne Schönbohm.

<span class="mw-page-title-main">National Protective Security Authority</span>

The National Protective Security Authority (NPSA), formerly the Centre for the Protection of National Infrastructure (CPNI), is the national technical authority in the United Kingdom for physical and personnel protective security, maintaining expertise in counter terrorism as well as state threats.

HMG Information Assurance Standard No.1, usually abbreviated to IS1, was a security standard applied to government computer systems in the UK.

<span class="mw-page-title-main">CESG Listed Adviser Scheme</span>

The CESG Listed Adviser Scheme was a programme run by CESG, to provide a pool of information assurance consultants to government departments and other public-sector bodies in the UK.

The Security Policy Framework is a set of high-level policies on security, mainly affecting the UK government and its suppliers.

<span class="mw-page-title-main">Robert Hannigan</span> British cybersecurity specialist

Robert Peter Hannigan CMG is a cybersecurity specialist who has been Warden of Wadham College, Oxford, since 2021. He was a senior British civil servant who previously served as the director of the signals intelligence and cryptography agency the Government Communications Headquarters (GCHQ) and established the UK's National Cyber Security Centre. His sudden resignation as director was announced on 23 January 2017, and he stepped down at the end of April 2017 to pursue a career in private sector cyber security, academia and as a security commentator. In 2021 he became Warden of Wadham College, Oxford.

The Chartered Institute of Information Security (CIISec), formerly the Institute of Information Security Professionals (IISP), is an independent, not-for-profit body governed by its members, with the principal objective of advancing the professionalism of information security practitioners and thereby the professionalism of the industry as a whole.

The Public Services Network (PSN) is a UK government's high-performance network, which helps public sector organisations work together, reduce duplication and share resources. It unified the provision of network infrastructure across the United Kingdom public sector into an interconnected "network of networks" to increase efficiency and reduce overall public expenditure. It is now a legacy network and public sector organisations are being migrated to using services on the public internet.

The Government Security Classifications Policy (GSCP) is a system for classifying sensitive government data in the United Kingdom.

The Trustworthy Software Foundation (TSFdn) is a UK not-for-profit organisation, with stated aim of improving software.

<span class="mw-page-title-main">Ian Bryant (academic)</span> British computer scientist

Ian Bryant is a British academic, engaged in promoting Trustworthy Software and Systems, and in Standardisation.

Egress Software Technologies Ltd is a UK-based software company providing security software for e-mail, secure messaging, Document and Email Classification, and associated technologies to assist secure file sharing and handling.

Cyber Essentials is a United Kingdom certification scheme designed to show an organisation has a minimum level of protection in cyber security through annual assessments to maintain certification.

<span class="mw-page-title-main">National Cyber Security Centre (Ireland)</span>

The National Cyber Security Centre (NCSC) is a government computer security organisation in Ireland, an operational arm of the Department of the Environment, Climate and Communications. The NCSC was developed in 2013 and formally established by the Irish government in July 2015. It is responsible for Ireland's cyber security, with a primary focus on securing government networks, protecting critical national infrastructure, and assisting businesses and citizens in protecting their own systems. The NCSC incorporates the Computer Security Incident Response Team (CSIRT-IE).

The National Cyber Security Centre (NCSC) is an organisation of the United Kingdom Government that provides advice and support for the public and private sector in how to avoid computer security threats. It is the UK's National technical authority for cyber threats and Information Assurance Based in London, it became operational in October 2016, and its parent organisation is GCHQ.

Sir Jeremy Ian Fleming was the Director of the Government Communications Headquarters, the UK's intelligence, cyber and security agency. He was appointed in 2017 and was the 16th person to hold the role. He left the post in May 2023.

GovAssure is a new cybersecurity regime for the UK government, starting in 2023.

References

  1. UK 'wholly' unprepared to stop devastating cyber-attack, MPs warn The Guardian
  2. "EURIM".
  3. "UK Cyber Security Strategy". HMG.
  4. "GCSO". HMG.
  5. HM Government (1 November 2016). "National Cyber Security Strategy 2016-2021" (PDF). gov.uk. Retrieved 2 November 2016.
  6. "Committees".
  7. "OCSIA". Archived from the original on 2013-01-23. Retrieved 2013-01-14.
  8. "ISN". HMG. 14 December 2023.
  9. "Defence Secretary announces £40m Cyber Security Operations Centre". Ministry of Defence. 1 April 2016. Archived from the original on 25 April 2019. Retrieved 2 April 2016.
  10. Hammick, Murray (30 October 2018). "The Budget and Defence". The Military Times. London. Archived from the original on 22 October 2019. Retrieved 7 May 2020.
  11. "DCPP". HMG. 23 November 2023.
  12. "DISA".
  13. "UK CeB".
  14. "Cyber Technical Advisory Group" . Retrieved 2023-12-24.
  15. "ICO - About". 20 November 2023. Retrieved 2023-12-24.
  16. "Academic Centres of Excellence in Cyber Security Research". NCSC.
  17. "ACFTI UK".
  18. "BCS Security".
  19. Kaye, David. (2008). Managing risk and resilience in the supply chain. London [England]: BSI Business Information. ISBN   978-1-62198-414-6. OCLC   849744629.
  20. "Home". crest-approved.org.
  21. "ISSA UK".
  22. "ADS".
  23. "CDF".
  24. "techUK".
  25. "Intellect Cyber Security". Archived from the original on 2013-06-14. Retrieved 2013-01-14.
  26. "Intellect Defence & Security". Archived from the original on 2013-06-14. Retrieved 2013-01-16.
  27. "Home". tigerscheme.org.
  28. "BSI - NSB". www.bsigroup.com. Retrieved 2023-12-24.
  29. "NIAF" . Retrieved 2023-12-24.
  30. "Trustworthy Software Foundation" . Retrieved 2023-12-24.
  31. Protecting and promoting the UK in a digital world: 2 years on – Government Press Release, retrieved 12 December 2013
  32. "UKCSC" . Retrieved 2023-12-24.
  33. "WARP".
  34. "IAAC". Archived from the original on 2018-04-10. Retrieved 2013-01-14.
  35. "IAAC - Neville-Jones".
  36. "IAAC Sponsors". Archived from the original on 2017-06-07. Retrieved 2016-05-17.
  37. "Establishment of the IACG". National Archives. Archived from the original on 2008-03-05.
  38. "IACG Overview".
  39. "IA Community Map" (PDF). Archived from the original (PDF) on 2013-07-31. Retrieved 2013-01-14.
  40. EC2ND 2006 - Proceedings of the Second European Conference on Computer Network Defence, 2006
  41. "NDI UK". Archived from the original on 2016-10-21. Retrieved 2013-08-21.