As more and more of the world’s infrastructure becomes connected over the Internet, governments around the world are developing task forces to focus on cybersecurity. In the UK, the primary government agency responsible for keeping the country safe from digital threats is the National Cyber Security Centre (NCSC).
The center is relatively new, having just started operations in the fall of 2016. But it builds on a longer history of cyber readiness in the UK, and its establishment denotes just how seriously the government is taking the threat of future cyberattacks. In this guide, we’ll take a closer look at what the NCSC is and how it operates.
A pressing need for cybersecurity in the UK
The demand for a unified cybersecurity policy in the UK is evidenced by the sheer number of attacks on the country’s public and private infrastructure. Every day, an estimated 65,000 cyberattacks are launched against UK businesses. According to one estimate, 88% of all UK companies suffered digital breaches in the last year, and each successful attack can cost businesses more than £25,000 to clean up.
Cyberattacks can also target critical infrastructure. In May, Elexon, one of the largest electrical grid operators in the UK, was targeted by cybercriminals. While the UK was busy fighting the coronavirus pandemic, hackers took advantage of the crisis to attack hospitals, medical research institutions, and individual global health experts.
While the UK government and critical businesses like banks and manufacturers are working to stay ahead of cyberthreats, it’s clear that they need support from the UK government. That’s the role of the NCSC, which was conceived of as a unified government agency in charge of providing support to the public and private sectors alike.
The development of the NCSC
Historically, as digital operations and infrastructure developed in the UK, the task of securing cyberspace fell to a number of different government agencies.
The Communications-Electronic Security Group, part of the Government Communications Headquarters, served as a military and intelligence cybersecurity agency. Meanwhile, the Centre for the Protection of National Infrastructure focused on defending public infrastructure from digital threats, and the Computer Emergency Response Team was responsible for responding to cyberattacks in the public and private domains. Finally, the Centre for Cyber Assessment was tasked with informing government policy decisions by producing cyber threat assessment reports.
The goal behind the NCSC was to bring all of these different task forces under a single umbrella. When the NCSC was established in 2016, it absorbed all four of these government agencies and was endowed with a budget of nearly £2 billion over five years.
What does the NCSC do?
The NCSC serves as both a single point of contact for cybersecurity and the UK’s cyber incident response team.
As a single point of contact for cybersecurity in the UK, the NCSC provides advice and resources for individuals, businesses, and government agencies. The center’s stated goal is to be able to help everyone in the country with cybersecurity, either through direct partnership or simply by offering resources on the center’s website.
Perhaps the most important public-facing role of the NCSC is to provide information about current cyber threats. The center keeps guides and information for IT staff, government employees, and individuals about online safety, such as how to identify phishing scams, how to avoid video conferencing vulnerabilities, and how to manage passwords. These guides outline current best practices and provide an anchor point for cybersecurity professionals in the UK.
The center also catalogs all attacks or potential threats in the country across the public and private sectors. It then issues alerts about these threats for IT administrators and security professionals. This allows vulnerabilities to be patched and end-users to be warned of scams before a large-scale cyberattack is able to succeed. Notably, the NCSC’s warnings and threat assessments are followed closely by operators of the electrical grid, financial institutions, large companies, and government agencies.
Another role of the NCSC is to respond to digital attacks anywhere in the UK or on UK businesses. In most cases, this means enforcing UK laws by tracking down cybercriminals. But, the NCSC can also work directly with affected businesses or government agencies to help rebuild cyberinfrastructure and make digital defenses more resilient for the future.
Cyber threat assessments
One of the less public-facing, but no less important, purposes of the NCSC is to assess the range of cybersecurity threats that the UK faces. This is an increasingly critical role of the center as state-sponsored cyberattacks from countries such as Russia, Iran, China, and North Korea increase in frequency and severity. A primary aim of the NCSC behind the scenes is to attribute cyberattacks to these state actors where appropriate.
By monitoring attacks on digital infrastructure in the UK and tracking the groups responsible for these attacks, the NCSC is able to inform other government agencies about the threats the country faces in the future. This can not only help the UK develop more targeted and responsive government policies but also help businesses and the government prepare for the attacks the country is most likely to see in coming years. The NCSC’s work in attributing attacks to state-sponsored hackers can also help the UK government deter future attacks.
The NCSC and the future of cybersecurity
The NCSC is still in its initial five-year funding period. Given the crucial role of cybersecurity in the UK to businesses and the government alike, it’s more than likely that the center will continue either in its current incarnation or as part of another government agency.
Importantly, the NCSC may also take on an increasingly large role for both the public and private sectors as cyberattacks escalate. As digital connectedness grows, particularly with the advent of 5G technology and the Internet of Things, the NCSC will be responsible for defending the UK from cyber threats. Developing resilience to digital threats will be critical in a world where the fallout from a successful hack is more devastating than it already is.