Blog post

What can the NCSC do for you?

Created:  11 Oct 2016
Updated:  11 Oct 2016
Author:  Sarah L
Part of:  The NCSC
NCSC building at night

If you’re browsing this website, you might be wondering how the new National Cyber Security Centre (NCSC) will actually help everyone in the UK? Of course, the NCSC is working to protect UK government information and services, our armed forces and the critical national infrastructure - such as our energy and water supplies. But the NCSC is also here to help make the UK the safest place for everyone to live and do business online, whether you run a small business or charity, look after the IT systems in a local school, or simply want to make sure your home IT is less vulnerable to malware and online crime.

How will that work in practice? Well, we want to make it easy for people and organisations to understand how to protect their information and IT from cyber attacks, in the same way as they understand how to protect themselves and their property from other kinds of crime. If you understand what’s important and the options available, you can make the choices that are right for you.  Just as you might protect an old bike differently to your new car, or decide where and when your kids are allowed to go out alone, there’s no single right answer. We can’t tell you what to do in every situation - but we want to make it easier for you to take some sensible steps to make yourself safer.

Part of this is about advice and information, and helping communities share their knowledge. Here on the NCSC website, we show where to get expert help you can trust, such as cyberaware and getsafeonline.org. These government-backed services have the latest easy-to-follow advice and can even answer your specific questions via social media. For organisations and businesses, the Cyber-security Information Sharing Platform (CiSP) lets you join with people in similar circumstances to discuss common threats and strategies, and the Cyber Essentials scheme gives you the tools to implement - and demonstrate - good ‘cyber hygiene’.

But the NCSC will also be working behind the scenes to improve the underpinning technologies we all rely on. This might involve working with service providers to take action to reduce the known scamming and phishing emails in circulation, or encouraging IT providers to make their products more secure before you buy them. This will mean you can spend less time worrying about whether your systems are protected, and more time getting on with the other important things in your life. And it will mean that overall, our economy - and the UK as a whole - becomes more resilient to cyber attack.

The NCSC is new, so one of our first priorities for improving cyber security across the UK is to make sure we understand what can make it difficult for people and organisations to protect themselves. To that end, we’ll be running some consultation groups and surveys over the coming months, focused on different sizes and types of organisation. If your organisation might be interested in helping us understand the challenges you have, you can let us know by using the contact us page. Use the General enquiry category, and if you add the subject-line ‘Get involved’ your details will get to us more quickly.

 

Sarah L

Deputy Director, Economy & Society

Topics

3 comments

Nazim Akbarov - 11 Oct 2016
Thanks for your post Sarah.
It looks like Awareness, Education and Knowledge sharing will be the main drivers for now.
Really looking forward to know more about plans to improve"underpinning technologies" mentioned.
Chris Warrender - 06 Dec 2016
Anything that can be done to either directly, or to advise on, how to maximise security for least cost? These days reduced budgets make it hard to "buy the best" of everything. (in Local Government)
Andy B - 13 Dec 2016
Chris, many thanks for reading the blog and taking the time to comment. Our aims for this topic of work are some of the newest for the NCSC as we move to a position where we can provide our services to a wider set of constituents than we have ever before.

As you suggest, one of our key aims is to enable government & industry alike to ‘maximise security for least cost’. It is not always about spending large amounts of money. Our Dr Levy will tell you that buying a ‘magic amulet’ is often not the answer to your security problems. Looking across the local government, charity, and SME community we believe that a great deal can be done to increase security through the introduction of some core controls like the 10 steps (https://www.ncsc.gov.uk/guidance/10-steps-cyber-security) and those represented within the Cyber Essentials scheme (https://www.ncsc.gov.uk/scheme/cyber-essentials).

Within the NCSC there are several teams working on a variety of tasks to this end. Within the Economy & Society Engagement Sector we are focusing our efforts to make sure that the advice and guidance published by NCSC is accessible by smaller organisations and can be used to improve their security at minimal cost. Within the Digital Government Engagement Sector they are working on services that can be subscribed to as part of the exciting new Active Cyber Defence (ACD) agenda (https://www.ncsc.gov.uk/blog-post/active-cyber-defence-tackling-cyber-attacks-uk). In fact, at the end of last week Richard C blogged about our work throughout the GOV.UK domain on email security (https://www.ncsc.gov.uk/blog-post/making-email-mean-something-again).

Meanwhile I would encourage you to register on CiSP (https://www.ncsc.gov.uk/cisp) where similar organisations can receive information from NCSC, and discuss the topics.

Andy B
CTO Economy & Society

Leave a comment

Was this blog post helpful?

We need your feedback to improve this content.

Yes No