The National Cyber Security Centre (NCSC) was opened today by the Queen and a host of government ministers.
The Centre, which has been operational since October 2016, will disseminate best practice on cyber-security and act as a clearinghouse for threat intelligence.
The Queen and the Duke of Edinburgh toured the building learning about the NCSC's mission and purpose, the history of cryptography and even witnessing a simulated attack. She was joined by chancellor Philip Hammond, defence secretary Sir Michael Fallon and home secretary Amber Rudd and other senior cabinet members.
The NCSC remit is wide: It will provide support and guidance to both public and private sectors on cyber-threats as well as consulting on and helping deal with attacks on critical infrastructure and large institutions. It has offered trial services in discovering vulnerabilities and worked with critical infrastructure providers to bolster their security. It will also be helping to train young people in the field and devoting resources to research and development. According to its CEO, Ciaran Martin, its job in a nutshell is “to make the UK the safest place to live and do business online”.
NCSC technical director Ian Levy said: “We're actively working to reduce the harm caused by cyber-attacks against the UK and will use the government as a guinea pig for all the measures we want to see done by industry at national scale.”
This, added Levy, “Includes everything from free website vulnerability scanning for public sector and proactively taking down tens of thousands of phishing sites, to our world leading CyberFirst campaign to encourage teenagers to become tomorrow's cyber-security pioneers.”
The official opening of the centre marks a new stage in the UK's security posture and the broader tech industry has welcomed its advent.
Talal Rajab, head of the cyber and national security programme at techUK, told SC Media UK that, “whilst the UK has not suffered from a tier one cyber-threat, the growing level of sustained cyber-attacks on UK businesses means we must not be complacent. The NCSC, with the help of the private sector, must work to make the UK the hardest possible target for cyber-criminals and help protect our growing digital economy. In order for the NCSC to do this, it must be accessible by both businesses and the general public, protecting a far wider range of sectors beyond just Critical National Infrastructure (CNI).
“Recently announced policy initiatives, such as the trialling of pro-active cyber defence services on government departments before recommending them to businesses, are to be applauded and TechUK looks forward to working with the NCSC to help it achieve its target of making the UK the safest place in the world to live and work online."
Matt Walmsley, EMEA director at Vectra Networks, said that while the NCSC's role is welcome, the private sector also needs to up its game: “As critical national infrastructure seems to be finally receiving the cyber-defensive attention it needs, the private sector needs to play its part as well, otherwise the overall effort will amount to little if a full scale cyber-attack befalls key services – public or otherwise. Cyber-security is a strategic organisational issue, not just the concern of government, nor just organisations' IT and technologists.”
One of its priorities should be to make corporate leaders understand the business criticality of security, said Scott Rubin, head of policy at Tanium: “If the government hopes to stem the tide of cyber-crime, the National Cyber Security Centre must make closing the corporate accountability gap its first order of business.”The opening of the centre comes as part of a wave of renewed focus on cyber security within the UK. Chancellor Philip Hammond was warmly welcomed in November 2016 when he announced 1.9 billion of investment into the UK's cybersecurity and unveiled the National Cyber Security Strategy. On the eve of the NCSC's official opening the Chancellor took the opportunity to note the intensifying threat of hacking, saying that the centre had addressed nearly 200 ‘high level' attacks in its first three months of operation.