THE NCSC
The National Cyber Security Centre (NCSC), a division of GCHQ, serves as the UK’s leading authority on cyber security. Established in 2016, its mission is to ensure the UK remains the safest place to live and work online while providing clarity and insight in an increasingly complex digital landscape. Chancellor of the Duchy of Lancaster and Minister for Intergovernmental Relations, Pat McFadden says:
“We must work alongside industry to meet the increasingly sophisticated challenges we face and make the UK the safest place to live and work online.”
The NCSC supports the UK’s most critical organisations, including the wider public sector, industry, small and medium-sized businesses, and the general public. It collaborates with law enforcement agencies, the UK’s intelligence and security services, the National Protective Security Authority (NPSA), international allies, and government partners. McFadden adds:
“The NCSC is at the centre of the Government’s efforts to strengthen the cyber resilience of organisations and individuals.”
The NCSC works to reduce cyber risks to the UK by helping to secure both public and private sector networks and mitigate cyber threats by identifying and disrupting them. In the event of incidents, the NCSC provides effective response measures to minimise harm to the UK and assist victims in recovery.
NCSC ANNUAL REVIEW
In early December, the NCSC published its Annual Review 2024, highlighting key achievements and milestones from 1 September 2023 to 31 August 2024 and exploring the challenges ahead. In a nutshell, the report umbrellas the UK cyber landscape under four categories:
- Countering cyber threat
- Building cyber resilience
- Developing the cyber ecosystem
- Keeping pace with technology
COUNTERING CYBER THREAT
The NCSC continues to assess and address the cyber threats confronting the UK. From hostile state actors and the commercial proliferation of cyber capabilities to ransomware and the complexities of AI-driven intrusions, the NCSC draws on its technical expertise and unique governmental role to combat both traditional and emerging cyber challenges, working closely with law enforcement and international partners. Ransomware attacks remain the most immediate and disruptive threat to the UK’s critical national infrastructure (CNI), with some state-affiliated cyber groups now targeting the industrial control systems underpinning essential services. The NCSC’s Incident Management team collaborated with the Information Commissioner’s Office (ICO) and the legal and insurance sectors to develop joint guidance on ‘ransom discipline.’ This initiative aims to reduce ransomware payments by victims of cybercrime. The guidance has gained international traction through the Counter Ransomware Initiative (CRI), which now includes 40 member nations and 8 insurance bodies worldwide. This effort exemplifies the NCSC’s partnerships with government and private organisations to enhance the UK’s cyber resilience.
THREATS FROM CHINA
China remains a highly sophisticated and capable cyber threat actor, targeting a broad range of sectors and institutions worldwide, including in the UK. In February 2024, the NCSC, alongside international partners, issued an advisory highlighting compromises of the United States critical national infrastructure (CNI) by “Volt Typhoon,” a China state-sponsored threat actor. The targeting of sectors such as energy, transportation, and water suggests potential preparations for future disruptive or destructive cyberattacks, underscoring China’s intent to threaten essential networks. The NCSC continues to collaborate with government, international allies, industry, and academia to deter, disrupt, and detect the cyber threats posed by China. Richard Horne, CEO of the NCSC says:
“All the while, China remains a highly sophisticated cyber actor, with increasing ambition to project its influence beyond its borders.”
THREATS FROM RUSSIA
Russia remains a capable, motivated, and reckless actor in cyberspace. Russian cyber threat actors have almost certainly escalated their operations against Ukraine and its allies, aligning with their military objectives and broader geopolitical goals. These activities in Ukraine have also emboldened non-state actors to launch cyberattacks on Western critical national infrastructure (CNI). While these non-state actors operate without formal or direct state control, their actions remain ideologically aligned with Russian interests, and the Russian state bears responsibility for enabling these attacks. Anne Keast-Butler, the Director of GCHQ tells us:
“We have seen persistent aggression from Russia as it continues to wage its unjust war against Ukraine. And while much of this conflict is playing out on the frontlines, there’s been an increase in cyber operations against Ukraine and its allies in support of Russia’s military campaign and its wider geopolitical objectives.”
“We can see how cyberattacks are increasingly important to Russian actors, along with sabotage threats to physical security, which the director general of MI5 spoke about recently.”
The NCSC continues to expose Russian cyber activities publicly, creating a more challenging environment for such actors to operate effectively.
BUILDING CYBER RESILIENCE WITH THE NCSC
The rapid adoption of emerging technologies, such as artificial intelligence, is driving an increase in the speed, volume, and sophistication of cyberattacks from a diverse range of capable adversaries. The NCSC is focusing on strengthening the cyber resilience of the UK’s critical systems against the most advanced and sophisticated threats. Simultaneously, it is enhancing national resilience to widespread, commodity cyberattacks across the UK economy. Leveraging its unique insights as part of GCHQ and collaborating with partners in government, industry, and academia, the NCSC is working to safeguard the nation’s digital security. More specifically, the NCSC is building UK cyber resilience by:
- delivering transformational active cyber defence services and interventions
- supporting legislative and regulatory reform
- influencing the security standards for new and emerging technologies
- growing the UK’s cyber ecosystem
DEVELOPING THE CYBER ECOSYSTEM WITH THE NCSC
The NCSC plays a pivotal role in bolstering the UK’s cyber security ecosystem, which now contributes approximately £11.9 billion annually to the economy. By uniting the efforts of government, industry, and academia, the NCSC fosters an environment of excellence that supports the ecosystem at every stage. From inspiring school students and creating opportunities in higher education to funding cutting-edge research and connecting innovative tech startups, the NCSC is future-proofing the UK’s national security. This sustainable cyber ecosystem now employs nearly 61,000 people. To maintain and grow this ecosystem, it is essential to ensure a steady supply of skilled professionals, high-quality products, and trusted services to help organisations build resilience and enhance their digital capabilities. The NCSC collaborates with partners to establish standards, validate products and services, and expand the talent pipeline needed to support a thriving cybersecurity sector.
KEEPING PACE WITH TECHNOLOGY
As the national technical authority for cyber security, the NCSC must stay aligned with rapidly evolving technologies, particularly those that significantly impact critical systems, sectors, and technologies. Some changes directly affect end users, such as transitioning from password-based authentication to passkeys to enhance security and usability. Others influence developers, such as refining software development practices to minimize vulnerabilities in the applications and devices integral to our connected society. The NCSC requires expertise across the technology stack to help the UK anticipate and respond to emerging opportunities, risks, and threats. The NCSC conducts extensive internal research into emerging technologies, identifying innovative ways to mitigate harm on a large scale. While certain technologies, like artificial intelligence, present potentially disruptive challenges that demand close attention, others evolve more gradually but remain highly impactful. For instance, while cloud computing and the Internet of Things (IoT) are no longer considered new, their ubiquity means even minor changes to their standards or underlying technologies can have far-reaching consequences for system resilience.
CLOSING WORDS CYBER EXPERTS
At the launch of the Annual Review 2024, Richard Horne described the cyber risks facing the nation as “widely underestimated” and called for collective action against an increasingly complex array of threats. He proposed an organisational commitment to cybersecurity as a prerequisite for UK business to thrive and said:
“We need all organisations, public and private, to see cyber security as both an essential foundation for their operations and a driver for growth. To view cyber security not just as a ‘necessary evil’ or compliance function, but as a business investment, a catalyst for innovation and an integral part of achieving their purpose.”
Muttukrishnan Rajarajan, Zhero’s Head of R&D, Professor of Security Engineering at City University of London, and a Director at Cyber London, added:
“There is an immediate need for organisational cultural change to incorporate cyber security into all aspects of the business. With the technological advancements in AI and quantum, it will become increasingly complex to identify and mitigate future cyber-attacks. In addition, the geo-political environment will make this even more challenging as some nations have extremely powerful technologies to disrupt the supply chain and cause catastrophic damage to the economy. Today’s digital infrastructure is too complex to isolate and recover using piecewise approaches. We need the boards to start educating themselves on cyber threats and make it part of their core business processes. Organisations need to do more to automate cybersecurity controls and minimise human intervention to mitigate against future sophisticated cyber-attacks.”
PROTECT IT BETTER
As London’s #1 end-to-end cybersecurity and IT support for SMEs, Zhero knows the ins and outs of cyberattacks and how to mitigate these. Our Protect IT Better offering has been carefully crafted and developed to proactively nurture and build a sustainable cybersecurity environment giving your business a competitive advantage. We’ve incorporated the most advanced technology-as-a-service innovations and created Protect IT better. Protect IT better follows a holistic approach that ensures you are always protected against modern-day cyberattacks. Get in touch today to secure your world. Together we can make our online world in the UK and beyond safe for everybody.
