National Cyber Security Centre (United Kingdom)
Agency overview | |
---|---|
Formed | 3 October 2016 |
Headquarters | Victoria, London, England, United Kingdom |
Employees | >1,000[1] |
Annual budget | £1.9 billion (National Cyber Security Strategy, 2016–2021)[1] |
Agency executives |
|
Parent agency | Government Communications Headquarters |
Website | www |
The National Cyber Security Centre (NCSC) is an organisation of the United Kingdom Government that provides advice and support for the public and private sector in how to avoid computer security threats. It is the UK's National technical authority for cyber threats and Information Assurance. Based in Victoria, London, it became operational in October 2016, and its parent organisation is GCHQ.[2]
History
[edit]The NCSC absorbed and replaced CESG (the information security arm of GCHQ), the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of the Centre for the Protection of National Infrastructure (CPNI).[3] It built on earlier efforts of these organisations and the Cabinet Office to provide guidance on Information Assurance to the UK's wider private sector, such as the "10 Steps" guidance released in January 2015. In pre-launch announcements, the UK government stated that the NCSC would first work with the Bank of England to advise financial institutions on how to bolster online defences.[4]
The centre was first announced in November 2015 by the Chancellor of the Exchequer, George Osborne. The existing Director General Cyber of GCHQ, Ciaran Martin, leads the new centre, and GCHQ's current Technical Director of Cyber Security, Dr Ian Levy, assumed the same role at the NCSC.[5] A detailed paper on the creation of the NCSC, including a description of its structure and future challenges, written by the then Director of GCHQ, Robert Hannigan, who is widely credited with establishing the centre, was published by the Royal United Services Institute in February 2019.[6]
The centre was dedicated by the Queen on 14 February 2017.[7][8][9] Philip Hammond, the Chancellor of the Exchequer, announced an investment of £1.9 billion and an initiative to embed 100 people from industry into the NCSC on secondment.[10][11]
In April 2016, the Ministry of Defence announced that a Cyber Security Operations Centre (CSOC) "to protect the MOD's cyberspace from malicious actors" with a budget of over £40 million will contribute to this initiative. It is located at MoD Corsham.[12][13]
In October 2017, technical director Ian Levy was targeted by email prankster James Linton with a fake industry event; however, Levy correctly identified the unexpected headers and worked with him to put out a security blog about the incident.[14][15]
On 1 October 2020 Lindy Cameron, formerly director-general of the Northern Ireland Office, took over from Ciaran Martin as CEO.[16][17][18]
In December 2023, it was announced that Lindy Cameron would step down in early 2024.[19]
In July 2024, the Centre in collaboration with international partners, revealed a North Korean state-sponsored cyber espionage campaign, aimed at stealing military and nuclear secrets. The advisory highlighted the actions of the Andariel group, linked to the DPRK’s Reconnaissance General Bureau's 3rd Bureau, targeting critical infrastructure globally to steal sensitive information and intellectual property. NCSC’s Director of Operations, Paul Chichester, emphasized the significance of protecting such data. Andariel's focus was primarily on sectors like defense, aerospace, nuclear, and engineering, with some attention to the medical and energy sectors. They also launched ransomware attacks against US healthcare organizations to fund further espionage. The advisory included technical details and mitigation strategies, urging network defenders to implement robust protections. The advisory was jointly issued by multiple agencies, including the NCSC, FBI, CISA, NSA, and Korean counterparts.[20]
List of chief executives
[edit]- Ciaran Martin (3 October 2016 to 31 August 2020)[21]
- Lindy Cameron (1 October 2020 to present; was Acting CEO (1 September 2020 to 30 September 2020))[22]
See also
[edit]- UK cyber security community
- National Cyber Security Centre (disambiguation) in other countries
- National Cyber Force
- National Protective Security Authority
- GovAssure
- Cyber Assessment Framework
References
[edit]- ^ a b "Cyber security in the UK" (PDF). House of Commons. Committee of Public Accounts. 15 May 2019. Archived (PDF) from the original on 27 November 2020. Retrieved 1 August 2020.
- ^ HM Government (1 November 2016). "National Cyber Security Strategy 2016-2021" (PDF). gov.uk. Archived (PDF) from the original on 1 November 2016. Retrieved 2 November 2016.
- ^ "About us". National Cyber Security Centre. Archived from the original on 12 March 2017. Retrieved 9 March 2017.
- ^ Corera, Gordon (18 March 2016). "Bank of England to work with new cybersecurity body". BBC News. Archived from the original on 31 December 2017. Retrieved 19 March 2016.
- ^ Jones, Sam (18 March 2016). "UK launches National Cyber Security Centre". Financial Times. Archived from the original on 29 May 2016. Retrieved 19 March 2016.
- ^ "Organising a Government for Cyber: The Creation of the UK's National Cyber Security Centre". RUSI. 27 February 2019. Archived from the original on 17 May 2019. Retrieved 17 March 2019.
- ^ "National Cyber Security Centre: Queen opens new HQ as business warned it is unprepared for attacks". ITV News. 14 February 2017. Archived from the original on 19 September 2018. Retrieved 14 February 2017.
- ^ "Cybersecurity: Queen opens centre to protect against attacks". BBC. 14 February 2017. Archived from the original on 20 June 2019. Retrieved 15 February 2017.
- ^ "Director GCHQ speaks at the official opening of the National Cyber Security Centre | GCHQ Site". www.gchq.gov.uk. Archived from the original on 14 January 2018. Retrieved 17 March 2019.
- ^ "Chancellor's speech at the National Cyber Security Centre opening". HM Treasury. 14 February 2017. Archived from the original on 10 March 2017. Retrieved 15 February 2017.
- ^ "Britain to enter 'new era of online opportunity'". NCSC. 13 February 2017. Archived from the original on 5 October 2018. Retrieved 15 February 2017.
- ^ "Defence Secretary announces £40m Cyber Security Operations Centre". Ministry of Defence. 1 April 2016. Archived from the original on 25 April 2019. Retrieved 2 April 2016.
- ^ Hammick, Murray (30 October 2018). "The Budget and Defence". The Military Times. London. Archived from the original on 22 October 2019. Retrieved 7 May 2020.
- ^ Levy, Ian (30 October 2017). "The serious side of pranking". Archived from the original on 6 April 2020. Retrieved 6 April 2020.
- ^ Stokel-Walker, Chris (28 September 2017). "Revealed: The real identity of prankster king SINON_REBORN". Archived from the original on 6 April 2020. Retrieved 10 April 2020.
- ^ Williams, Oscar (28 July 2020). "NIO's Lindy Cameron to succeed Ciaran Martin as NCSC CEO". New Statesman. Archived from the original on 29 July 2020. Retrieved 28 July 2020.
- ^ Sheridan, Danielle (28 July 2020). "Ex-diplomat to be next cyber security CEO". The Daily Telegraph. Archived from the original on 29 July 2020. Retrieved 28 July 2020.
- ^ "NCSC announces Lindy Cameron as new CEO". www.ncsc.gov.uk. Archived from the original on 24 June 2021. Retrieved 26 August 2020.
- ^ "NCSC CEO Lindy Cameron to step down in 2024 | Computer Weekly". ComputerWeekly.com. Retrieved 6 January 2024.
- ^ Allison, George (30 July 2024). "UK and allies expose North Korean cyber campaign". UK Defence Journal. Retrieved 1 August 2024.
- ^ "National Cyber Security Centre appoints Lindy Cameron as new CEO". Fire Safety Matters. 5 August 2020. Archived from the original on 12 September 2021. Retrieved 12 September 2021.
- ^ "National Cyber Security Centre appoints new CEO". Security World Market. Archived from the original on 12 September 2021. Retrieved 12 September 2021.
External links
[edit]- Official website
- "New National Cyber Security Centre set to bring UK expertise together" – UK Government press release, March 2016
- "10 steps to cyber security" – NCSC, November 2018