Horror stories about personal data breaches, cyber-attacks perpetrated by Hostile State Actors (HSA) and ransomware incidents are sadly a part of daily life now in the UK – only recently British Airways announced it had been subject to a major data breach affecting hundreds of thousands of customers, and last year’s WannaCry ransomware attack temporarily laid low substantial parts of the NHS IT infrastructure. At the heart of the UK’s response to these cyber incidents is the National Cyber Security Centre (NCSC), the UK’s technical authority for cyber security.
Founded in October 2016, the NCSC is the public-facing part of the Government Communications Headquarters (GCHQ). Its main purpose is to reduce the cyber security risk to the UK, which it does by working with UK industry, academia and wider society to provide world-leading cyber security advice and incident management. On 16th October 2018 it published its second Annual Review, reflecting on the work the NCSC has done during its first two years of operation. Strikingly, the NCSC revealed that it has handled more than 10 attacks per week in its first two years, with 1,167 cyber incidents on records.
A key part of the NCSC’s work has been to make the Internet automatically safer through the innovative Active Cyber Defence initiative, which is intended to protect the UK from high-volume commodity attacks. This initiative has already helped reduce the UK’s share of global phishing attacks by more than half. This is only one part of the NCSC’s work, and UK industry has a major role to play in enhancing the UK’s cyber security and resilience. One way that industry and the NCSC already works together is through the Industry 100 initiative, whereby industry experts are seconded on short-term placements to the NCSC. Many ADS members have already supported this initiative, and will continue to do so.
Here at ADS we have responded to this rapidly evolving digital challenge by recently creating the new Digital Information and Systems Integrity Group. Designed to support the four sectors ADS represents (aerospace, defence, security and space), this group will help ADS members to protect themselves against malicious digital acts and also focus on promoting business development opportunities by, for example, connecting industry suppliers with end users in Government, Critical National Infrastructure and the wider private sector. ADS will continue to work closely with a range of Government departments, including the NCSC, to facilitate collaboration and disseminate cyber security advice in aid of national security objectives, with a particular focus on SMEs in the crucial supply chains, and beyond, represented by ADS.