The NCSC’s main functions are to strengthen the UK’s cyber security and cyber resilience – especially in the critical national infrastructure. We communicate guidance on good cyber security for different levels of customer throughout the UK and foster technical innovation to help block attacks automatically and at scale. Where cyber incidents do occur the NCSC will provide effective incident response to reduce harm to the UK and minimise future impact.
The work of the NCSC is driven by four key goals:
Goal 1: Understand the cyber security environment to identify and address systemic vulnerabilities
We will be the centre of government expertise on what is happening in cyberspace, combining the knowledge gathered from incidents and intelligence with that shared through our close relationships with industry, academia and international partners. We will use and share that knowledge to identify and address systemic vulnerabilities and enhance cyber security for all.
Goal 2: Reduce the cyber security risk to the UK
We will reduce risks to the UK by working with public and private sector organisations to improve their cyber security. This will include: the provision of both general and bespoke advice and guidance as necessary; supporting the design and testing of networks and systems; exercising response arrangements; and improving the security of networks to help block attacks or make cyber attacks less likely.
Goal 3: Respond effectively to cyber incidents to reduce harm to the UK
We recognise that despite our efforts to reduce the risks and enhance security, cyber incidents will still happen. When a serious cyber incident occurs, we will work with victims to minimise the damage, help with recovery, and learn lessons to reduce the chance of recurrence and minimise future impact. Often we will help by connecting victims with commercial companies who we know are effective at cyber incident response. At the same time we will ensure that the wider response of government and law enforcement is well co-ordinated. In the case of very serious incidents this might mean communicating publicly about consequences and the steps people and businesses should take to protect themselves.
Goal 4: Nurture the UK’s cyber security capability and provide leadership on key national cyber security issues
Cyber security and information technology continue to develop and evolve at a rapid pace. As the authority for cyber security, we will have the best possible visibility of what is happening today – in terms of threats, vulnerabilities and technology trends. This means cutting edge technical research teams, combining the best of government, industry and academic expertise, scanning the horizon and helping us plan for what could challenge us tomorrow. We will work with partners across the range of initiatives and developments to ensure the UK Government, organisations and the public can harness the advantages that new technologies bring in a safe and secure manner.