National Cyber Security Centre
The NCSC was set up to help protect critical services from cyber attacks, managing major incidents and improve the underlying security of the UK Internet through technological improvement and advice to citizens and organisations. Their vision is to help make the UK the safest place to live and do business online
The National Cyber Security Centre (NCSC) is the UK’s authority on cyber security. It is part of GCHQ. The NCSC brings together and replaces CESG (the information security arm of GCHQ), the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of the Centre for the Protection of National Infrastructure (CPNI).
The NCSC has access to some of the most sophisticated capabilities available to government. It acknowledges the sensitivity of these resources, whilst working to make the benefits of its expertise as widely available as possible.
The NCSC’s main purpose is to reduce the cyber security risk to the UK by improving its cyber security and cyber resilience. It works together with UK organisations, businesses and individuals to provide authoritative and coherent cyber security advice and cyber incident management. This is underpinned by world class research and innovation. It recognises that, despite all efforts to reduce risks and enhance security, incidents will happen. When they do, the NCSC will provide effective incident response to minimise harm to the UK, help with recovery, and learn lessons for the future.
The NCSC is open and accessible, working collaboratively with various government agencies and departments, law enforcement, defence, the UK’s intelligence and security agencies and a number of international partners. It recognises the value of diversity and different perspectives and brings together a unique range of talents, skills and experience to tackle the hardest cyber security challenges that the UK faces. They are experts and look to the future, exchanging talent with other organisations through secondments and interchanges, allowing them to foster the technical innovation needed to succeed in an ever changing landscape.
What does the NCSC do?
Understanding cyber security
The NCSC shares its knowledge, identifies and address systemic vulnerabilities
Close relationships with industry, academia and international partners enables NCSC to amplify the intelligence it gathers from cyber incidents. They then distil this knowledge into best practice advice and guidance, and make it available to all who wish to enhance their cyber security.
NCSC nurtures national cyber security capability
Providing leadership on critical issues, harnessing talent and technology
The NCSC combines the best of government, industry and academic expertise, and has the clearest possible picture of the threats, vulnerabilities and technology trends which define today’s digital environment.
That said, the landscape of cyberspace changes very quickly. With that in mind the NCSC uses cutting edge technical research teams who constantly scan the horizon, helping anticipate the challenges of tomorrow and develop the talent which will face them.
They respond to cyber security incidents
By managing serious security breaches, they reduce the harm breaches cause the UK
The NCSC recognises that, despite all its efforts to reduce risks and enhance security, incidents will happen. When they do, it will work to minimise harm to those affected, help with recovery, and learn lessons for the future. Often they will help by connecting victims to commercial companies who are excellent at incident response.
They will also co-ordinate the wider response of government and law enforcement, and in the case of very serious incidents may communicate publicly, giving people and businesses advice on how to protect themselves.
The NCSC reduces risks to the UK
It helps public and private sector organisations secure their networks
The NCSC supports the most critical organisations in the UK, across government and the private sector. It provides bespoke advice and guidance, assist in the design and testing of networks, and helps develop effective incident response plans.