The UK’s all-new ‘cyber hub’ that will enable generations to navigate the Internet safely and be protected from the growing threat of online attack has been officially opened by Her Majesty The Queen, accompanied by His Royal Highness The Duke of Edinburgh.
The Government’s National Cyber Security Centre (NCSC) – itself part of GCHQ* and tasked with using the best data, skills and capabilities in order to make the UK the safest place in the world in which to work and transact business online – will use the new office in London’s Victoria as its operational nerve centre to manage incidents, analyse threats and offer advice on online security.
During their tour of the building on Tuesday 14 February, the Royal Party was joined by the Chancellor Philip Hammond, Home Secretary Amber Rudd, Defence Secretary Sir Michael Fallon, Ben Gummer (Minister for the Cabinet Office), Matthew Hancock (Minister of State for Digital and Culture), Treasury Commercial Secretary Baroness Neville-Rolfe and Simon Kirby, Economic Secretary to the Treasury.
The guided tour included demonstrations by NCSC staff of the UK’s past, present and future cyber threats and culminated with Her Majesty The Queen unveiling a commemorative plaque to mark the opening of the NCSC and signing an official photograph.
At the launch, NCSC CEO Ciaran Martin delivered a speech outlining how the organisation aims to reduce the cyber threat posed to critical services, identify and address vulnerabilities and provide expert incident management if and when a major attack does occur.
“Our job is to make the UK the safest place in which to live and do business online,” stressed Martin. “We will help secure our critical services, lead the response to the most serious incidents and improve the underlying security of the Internet through technological improvement and targeted advice to citizens and organisations. We want to be at the centre of a new era of online opportunity and help people to feel as safe as possible when using technology to its fullest potential.”
Defending against cyber threats
The Government is fully committed to defending against cyber threats: a five-year National Cyber Security Strategy (NCSS) was announced last November, supported by £1.9 billion of transformational investment.
Speaking at the launch, the Chancellor Philip Hammond announced the creation of ‘Industry 100’ – a pioneering initiative that will grant 100 highly competitive NCSC secondments to private sector staff who’ll work inside the NCSC to realise innovation that wouldn’t have been possible without collaboration.
The overriding aim here is to bring Government and industry expertise together to work collaboratively and at scale in order to improve the identification of threats and vulnerabilities, as well as enable the development of mitigation advice configured to reduce the impact of future cyber attacks.
The expectation is that representation from industry will be from a diverse range of sectors, and from small right through to large-scale enterprises. The roles will be varied in their nature, occupancy period and security requirements. A selection process is currently being developed as Government anticipates this initiative will be of considerable interest. The working assumption is that industry will fund the roles.
“As Chancellor,” said Hammond, “I know how significant our digital sector is for the UK economy. It’s worth over £118 billion per annum. This cutting-edge National Cyber Security Centre will cement our position as the world leader in cyber security. Work carried out here will ensure that our country remains resilient to potential attacks. Britain is transforming its capabilities in cyber defence and deterrence. It’s crucial that we take action now to defend ourselves and protect our economy.”
Operational since October 2016
While the new NCSC office was officially opened on 14 February, the organisation has been mitigating against attacks and responding to incidents since last October.
In a report issued to mark its launch, the NCSC details some of its early work that will lead to national scale harm reduction from cyber attacks against the UK. The organisation has delivered trial services that proactively discover vulnerabilities in public sector websites, help Government departments better manage spoofing of their e-mail and taken down tens of thousands of phishing sites affecting the UK.
In fact, the NCSC has already dealt with 188 cyber attacks in the past three months.
The NCSC has also worked with key critical infrastructure providers to assess and improve their security. Improved incident management processes have helped victims better manage the impact of successful cyber attacks.
Dr Ian Levy, the NCSC’s technical director, explained: “We’re actively working to reduce the harm caused by cyber attacks against the UK and will use the Government as a ‘guinea pig’ for all the measures we want to see enacted by industry at national scale. This includes everything from free website vulnerability scanning for the public sector and proactively taking down tens of thousands of phishing sites through to our world-leading CyberFirst campaign, which is designed to encourage teenagers to become tomorrow’s cyber security pioneers.”
Dr Levy continued: “These initiatives illustrate the sort of cutting-edge innovation the NCSC will spearhead to make Britain as safe as possible a nation in which to both live and work online – and we’ll do it transparently, driven by evidence and publishing our results.”
Paul Everitt, CEO of ADS Group, said: “The formal opening of the National Cyber Security Centre by Her Majesty The Queen is a major endorsement of the role of the UK’s security industry plays in protecting all types of business and infrastructure. Working in partnership through this Centre enables Government and industry to benefit from access to the latest cyber security capabilities, in turn providing a more informed overview of the threat landscape and the ability to anticipate – and respond to – attacks with greater resilience and agility.”
The UK’s security and resilience industry is internationally recognised as one of the world’s most innovative. Last year, it turned over £9.1 billion and supported more than 121,000 high value jobs, all the while making an important contribution to national prosperity.
Advice and information
Incidents will still happen, and when they do the NCSC website offers advice and information, including support 24 hours per day, seven days a week, 365 days per year for incidents demanding such a level of engagement.
The NCSC will work closely with law enforcement (including the National Crime Agency) and the wider public sector to support cyber security awareness campaigns.
The NCSC is tirelessly committed to enhancing the UK’s reputation of being a world centre for cyber security research, innovation and skills. The aforementioned and extremely popular CyberFirst programme is inspiring, encouraging and developing a ‘cyber-savvy’ cohort of students to help protect the UK’s digital society.
*Government Communications Headquarters (GCHQ) is one of the three UK Intelligence and Security Agencies, along with the Security Service (MI5) and the Secret Intelligence Service (MI6). GCHQ works to protect the UK and its citizens from a range of threats posed to national security, including from terrorism, serious and organised crime and cyber attack. It also actively works to protect the UK’s Armed Forces wherever they’re deployed