15th February 2017

By: Mark Williams, Corporate Security Officer.

In November 2016, the UK Government announced the National Cyber Security Strategy as a considered response to the increase of damaging cyber-attacks against the country’s critical infrastructure and businesses. But what does that mean in tangible terms to UK businesses?

Well, to start, the strategy is split into three areas (defence, deter, develop) and is backed by Government investment of £1.9 billion over 5 years [1]. The aim is to combat organised crime groups, foreign states and other ‘bad actors’ who have been relatively successful due to a lack of a centralised response to their nefarious activities.

Pivotal to the strategy is the National Cyber Security Centre (NCSC) situated in central London. Operating since October 2016, the centre is part of GCHQ and one of its key objectives is to reduce the risks to the UK by working with public and private sector organisations to improve their cyber security. This is no small task given the difficulties in policing a network that spans the globe in terms of connectivity and crosses multiple legal jurisdictions.

And, just as hackers don’t work in isolation, it follows that one stand-alone organisation or government department could not work in isolation to counter the threat. That’s why the NCSC sits under the umbrella of one of the world’s most respected intelligence agencies (GCHQ) and has direct links into law enforcement, close ties with academics and industry professionals. This ‘embedded’ approach means that the NCSC has a chance of not only catching up with, but more importantly overtaking the hackers!

The centre has already produced interesting white papers and relevant articles in an attempt to share knowledge. These resources are refreshing in that they are entirely vendor neutral which is in stark contrast to the multitude of sponsored articles that risk skewing opinion. Cyber/Network Security does suffer from a skills shortage but engaging with schools (and hosting cyber security competitions) is ensuring the next generation is already interested in this demanding and varied field… and that’s a really positive trend.

So, back to the point – what does the opening of the NCSC mean for private sector organisations? Nothing much… at least not yet in my opinion until things bed down. Don’t get me wrong, the NCSC has already been instrumental in closing some websites infected with payloads designed to compromise passing traffic. They have also had great success in cutting down on fraudulent email traffic purporting to be from HMRC. So the early signs are promising.

But, for the moment, their primary focus is to further enhance security across the already hardened government networks and then to filter out reports and advice to the wider audience. It is not going to be a ‘rapid reaction force’ deploying resource in the event of a ransomware attack, nor can they recover data once it has been leaked. There will be no great firewall covering all UK traffic and data. The various programs will take time to mature and I expect to see more original and practical guidance to UK businesses being produced in the weeks and months ahead.

In the meantime, we need to collaborate more. No one vendor has all the answers; they cannot because the questions and threats keep changing. Our approach here at GCI is to engage with our customers to shape our service roadmap, to blend into that roadmap the threats we pick up during our 24/7 network monitoring activity… and, going forward, we will certainly be monitoring advice from the NCSC and we’ll keep you updated.

Further information about the NCSC can be found at or follow on Twitter @NCSC.

[1] //