National Cyber Security Centre prevents “thousands of attacks” in first 12 months of operations

A 44-page report marking the first anniversary of the National Cyber Security Centre (NCSC) has shone light on the vital work the organisation has already conducted to make the UK a safe place in the online world. The NCSC, which is part of GCHQ*, brought together elements of its parent organisation with previously separate parts of Government and intelligence to create a ‘one-stop shop’ for UK cyber security. While there’s still much work to be done, in its first 12 months of operations the organisation has prevented thousands of attacks and provided vital support for the UK’s Armed Forces. Cyber experts received a total of 1,131 incident reports, with 590 of them being classed as ‘Significant’.

Across the last 12 months, the NCSC has launched Active Cyber Defence, which blocks tens of millions of attacks every week and has reduced the average time that a phishing site is online from 27 hours to just one hour. The organisation has responded to upwards of 590 significant incidents, co-ordinating Government’s response and providing reassurance to the public, and also led the UK’s response to the global WannaCry incident – which directly affected 47 NHS Trusts – by providing vital assistance and advice to those affected.

The NCSC has created a website to provide easy-to-understand advice and information for the public. The site received 100,000 visitors in a single month and 2,000 tweets were issued over the year. Further, the organisation hosted 2,300 delegates and 173 speakers at its three-day CyberUK conference in Liverpool to share insights and build on the understanding of cyber security and, in parallel, has overseen a 43% increase in visits (4,000 visitors per month) to the Cyber Security Information Sharing Partnership (CiSP), which allows the community to share information about cyber threats.

In addition, the NCSC has produced 200,000 physical items for 190 customer departments through the UK Key Production Authority, in turn securing and protecting the vital communications of our Armed Forces and the national security community.

Importantly, the NCSC has created the pioneering ‘Industry 100’ initiative to work with or embed 100 industry professionals within the organisation in a bid to provide challenge and generate innovation. The organisation has also made an impact on the future of cyber security, helping to foster a talent pipeline of the next generation of experts and working alongside business and academia to create a culture wherein technology can thrive.

Jeremy Fleming, director of GCHQ, explained: “In an increasingly digital world, cyber is playing an ever-more important part in our daily lives and, indeed, in the UK’s approach to security. The threats to the UK are evolving rapidly as technology advances. Our response has been to transform in order to remain ahead of them. The NCSC is a pivotal element of that transformation. It’s a critical component not only of GCHQ, where it benefits from the data and expertise to which it has access as part of the intelligence community, but also of how Government as a whole works to keep the UK safe. The NCSC has brought together unparalleled skills, capabilities and partnerships and, in its first year, has taken enormous strides when it comes to increasing and improving our cyber capabilities. It’s on the front line in protecting the UK against a growing number of cyber attacks.”

Crucial for national security

Ciaran Martin: CEO of the National Cyber Security Centre

Ciaran Martin: CEO of the National Cyber Security Centre

Ciaran Martin, CEO of the NCSC, added: “Cyber security is crucial to our national security and prosperity. We’re incredibly proud of what we’ve achieved in our first year at the National Cyber Security Centre, bringing together some of the best cyber security brains in the country in a single place, but the threat remains very real and growing. Further attacks will happen, and there’s much more for us to do in order to make the UK the safest place in the world in which to live and transact business online. We look forward to working with our partners at home and abroad in the year ahead in pursuit of that vital goal.”

Commenting on the news that more than 1,000 incidents were reported to the NCSC in its first year of operation, Joe Hancock (cyber security lead at Mishcon de Reya) stated: “1,000 attacks may seem like a large number, but the reality is that this is the tip of the iceberg. The majority of attacks on business, Government and third sector organisations go unreported and often undetected. Behind these high-profile incidents, there are millions of online crimes that affect individuals every day.”

Hancock continued: “We routinely deal with these issues, and it’s clear to us that more needs to be done to support law enforcement in helping responders and victims to better detect and recover from cyber episodes. The recent Equifax breach shows the potential downsides of large-scale data collection where there’s little consent. The level of cyber security isn’t globally consistent: we’re always only as strong as the weakest link. We’re keen to see the NCSC’s strategy broadened with further investment.”

Although operational since October 2016, the NCSC’s new London headquarters was officially opened by Her Majesty The Queen and HRH The Duke of Edinburgh in February this year. As well as co-ordinating the Government’s response to 590 significant incidents, the NCSC has prevented waves of attacks through its aforementioned Active Cyber Defence programme.

As part of GCHQ, the NCSC is proud to deliver vital work nationally and internationally and, across the last year, has worked with more than 50 countries in five continents, including signing NATO’s groundbreaking Memorandum of Understanding on Cyber.

The UK Government is fully committed to defending the nation against cyber threats and addressing the cyber skills gap to develop and grow talent. The NCSC was created as part of the Government’s five-year National Cyber Security Strategy. Announced in 2016, that strategy is supported by £1.9 billion of transformational investment.

*Government Communications Headquarters (GCHQ) is one of the three UK Intelligence and Security Agencies, along with MI5 and the Secret Intelligence Service (MI6). GCHQ works to protect the UK and its citizens from a range of threats posed to national security, including those attributable to terrorism, serious and organised crime and cyber attack. It also works to protect the UK’s Armed F forces wherever they may be deployed

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts