The National Cyber Security Centre (NCSC) has been officially opened by the Queen, accompanied by Prince Philip.
The royals were joined by the Chancellor of the Exchequer Phillip Hammond, Home Secretary Amber Rudd, Defence Secretary Sir Michael Fallon, Minister for the Cabinet Office Ben Gummer and Minister of State for Digital and Culture Matt Hancock.
A guided tour included demonstrations by NCSC staff of the UK’s past, present and future cyber threats and closed with The Queen unveiling a commemorative plaque.
NCSC CEO Ciaran Martin said: “Our job is to make the UK the safest place to live and do business online. We will help secure our critical services, lead the response to the most serious incidents and improve the underlying security of the Internet through technological improvement and advice to citizens and organisations. We want to be at the centre of a new era of online opportunity and help people to feel as safe as possible when using technology to its fullest potential.”
The NCSC in central London is part of the UK Government intelligence agency, GCHQ. As featured in the December 2016 print issue of Professional Security, the NCSC manages and advises on the most serious cyber-incidents; and thus works with critical national infrastructure such as utilities, besides law enforcement and the wider public sector, including the National Crime Agency (NCA).
In a report issued by the centre to mark its launch, the NCSC detailed some of its early work towards what it termed ‘national scale harm reduction’.
David Emm, principal security researcher at Kaspersky Lab, called the opening, plus the announcement of the Cyber Schools Programme, two vital steps to tackle cybercrime. “Our dependence on technology and the ever-growing online security threat go hand-in-hand, so it’s crucial that we start raising awareness and equipping children with cyber-security skills as early as possible. With cyber criminals increasingly targeting critical infrastructure and public sector organisations, cyber security is now an issue that affects national security; about global security and the global economy, and governments should play the leading role.”
Paul Anderson, West EMEA Director, Infoblox, said: “The royal opening of the National Cyber Security Centre today is a clear indication of how seriously the government is taking the country’s cyber-security. As well as helping to protect critical infrastructure from attack, its work will also help to arm businesses with the information they need to prevent and respond to outside threats to their sensitive information, servers and services. While the NCSC tackles the infrastructure that supports these attacks, organisations should take the opportunity to use the available enhanced collaboration to their own advantage.
“Greater education on how to protect their own IT networks, along with a wider sharing of resources and threat intelligence, can only serve to benefit UK businesses and the country as a whole.”
Richard Lack, Managing Director – EMEA, Gigya called the opening a grand gesture by the UK Government to demonstrate that cyber security is firmly on the official agenda. “But it will only have real impact on the issue if business decision makers, rather than just government and national security-related industries, also take responsibility in order to protect the enterprise and consumers in a sustainable way.”
Roger McArdell, CTO and partner at videoconference product company Ashton Bentley, said: “We know that today’s young professionals want to use the apps they use in the private lives, in their place of work. Especially for communication and collaboration. It makes sense given that businesses are increasingly affording employees more flexibility and responsibility in their working lives. But this sense of empowerment is increasingly encouraging staff to make decisions that put the company in jeopardy – even if they don’t realise it.
“As employees choose to use apps that aren’t ‘company approved’ on the business network, they are opening up unexpected holes in the safeguarding processes. And this is made all the more dangerous because IT teams are not empowered with systems to administer and manage apps and therefore don’t necessarily have visibility of the problem until it’s too late.
“This Shadow IT challenge must be addressed by decision makers. Investing in platforms that offer a range of approved apps required for the business, that employees can be allowed to use safely. This enables the employer to offer autonomy and flexibility to suit their communication needs, but also ensures the network remains protected by being administrated through a secure system.”
And Rob Norris, VP Head of Enterprise & Cyber Security EMEIA at Fujitsu, said: “As the technical capabilities of cyber-criminals continue to outpace the UK’s ability to deal with cyber threats, it’s good to see proactive action is being taken to protect a wider range of sectors. Attackers will always take the easiest route possible to breach a network and often seek to bypass perimeter controls via social engineering and phishing methods, so this extra layer of defence under GCHQ should help real-time threat reporting and fast solutions before a threat becomes a compromise. While the opening of the NCSC in London today is encouraging, as it aims to ensure the online safety of citizens, businesses and the government, organisations must also take responsibility and be proactive to enable real-time threat reporting and fast solutions before a threat becomes a compromise. This should sit alongside a clear and well-rehearsed incident management plan, addressing internal and external communication in addition to containment and recovery activities.”