![]() | This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these messages)
|
The United Kingdom has a diverse cyber security community, interconnected in a complex network.
According to a parliamentary committee the UK government is not doing enough to protect the nation against cyber attack. [1]
The UK Government periodically publishes a Cyber Security Strategy. [3]
Many of the stakeholders across all categories are engaged with that effort.
The overall responsibility for security within the UK rests with the National Security Council which is a cabinet committee chaired by the Prime Minister tasked with overseeing all issues related to national security, intelligence coordination, and defence strategy.
The internal protective security coordination role for UK government is led by the Government Chief Security Officer (GCSO) within the Cabinet Office, who since 2021 has been Vincent Devine. [4]
The central organisation supporting the GCSO is the Government Security Group (GSG), with a distributed Government Security Function / Government Security Profession across the departments and Arms Length Bodies (ALB), and three National Technical Authorities (NTA), all of which have a role in information and/or cyber security:
The role of Lead Government Department (LGD) for Cyber Security is currently fulfilled by the Department for Science, Innovation, and Technology (DSIT), having previously rested with:
All other government departments and ALBs will have staff in the government security function / government security profession, supporting both their internal staff, and their client communities.
Former bodies in this category include:
The Ministry of Defence has primacy for information and cyber security within both its civilian and military staffs (approximately 250,000 personnel), and for the Defence Supply Base (DSB - approximately 30,000 companies).
It has two main security organisations:
These organisation work collaboratively to publish not only the internal rules, but also Defence Standards and Industry Security Notices (ISN) [7]
In April 2016, the MOD announced the creation of the Cyber Security Operations Centre (CSOC) with a budget of over £40 million. It is located at MoD Corsham. [8] [9]
MOD collaborates with the DSB over information and cyber security matters through a number of organisations, including:
Former bodies in this category include:
The National Cyber Force consolidates offensive cyber capabilities from the Ministry of Defence and GCHQ.
The National Crime Agency (NCA) hosts the law enforcement cyber crime unit, incorporating the Child Exploitation and Online Protection Centre.
Former bodies in this category include:
Within the WPS, there are a number of collaborative bodies, including:
Two regulatory bodies have a specific cyber security related function:
Most other regulatory bodies will have staff covering information and cyber security function for both their internal staff, and their client communities.
UK Cyber Clusters |
---|
Bristol and Bath Cyber |
Bournemouth Cyber Cluster |
Cambridge Cluster |
East Midlands |
London |
Malvern Cluster |
Norfolk Cyber Cluster |
North East Cyber Cluster |
North Wales |
North West Cluster |
N Somerset Cluster |
Oxford |
Scottish Cyber Cluster |
Solent Cyber Cluster |
South Wales |
South West Cyber Cluster (Exeter) |
Sussex Cluster |
Thames Valley Cluster |
West Midlands Cluster |
Yorkshire Cluster |
Current bodies that cover multiple sectors include:
Former bodies in this category include: