As the National Cyber Security Centre (NCSC), our goal is to create a comprehensive suite of services that assist organizations in safeguarding against cyber threats. Some services we provide directly, leveraging our unique position, while others are offered through industry partners under NCSC assurance. We continuously evaluate the services we provide and aim to transition responsibilities to industry partners where appropriate. In the upcoming month, we will share more about our future direction regarding those services offered through industry.
Active Cyber Defence (ACD) has gained significant recognition and has been embraced by numerous countries. This is due to its ability to enhance national cyber resilience on a broad scale while imposing substantial costs on adversaries.
Active Cyber Defence (ACD) aims to mitigate the damage from widespread cyber attacks by supplying tools and services that defend against a variety of threats.
This protection manifests in various ways, ranging from addressing security vulnerabilities to actively detecting and thwarting attacks.
Most of our current services were initiated in 2017. While these services have matured over time, the variety offered has remained largely consistent. Simultaneously, the cyber capacities of the entities we serve—and the offerings from the private sector—have evolved, reflecting changes in the nature of threats.
It is essential for the NCSC to concentrate efforts where we can provide distinct value—especially where we recognize gaps in the commercial market or where our connection to GCHQ enables a unique opportunity to enhance resilience on a large scale. Given these evolving circumstances and drawing on our experiences with existing ACD services, we are evaluating new delivery models and partners to develop a next-generation suite of services known as ACD 2.0.
In response to contemporary threats, the modern internet landscape, and various other factors, we are asking ourselves: What should we deliver? Where can we achieve an advantage in cyber defense? How can we provide unique contributions? Having primarily directed the original ACD services at the public sector, is it time to widen our scope?
To achieve this objective, we have established the following principles for ACD 2.0:
-
The NCSC will only provide solutions where the market cannot do so—whether due to our unique position within the government, our scalability, capabilities, or authorities.
-
The NCSC plans to transfer most of our new successful services within a three-year period, either to a different government segment or to the private sector for sustainable management.
We envision ACD 2.0 as a collaborative effort involving the NCSC, the broader cyber security community in government, and importantly, partnerships with industry and academia. Together with our distinctive organization, we can exert a disproportionate influence on enhancing cyber resilience across the board.
Engagement Opportunities – How to Collaborate with Us
As we launch ACD 2.0, our initial focus is on refining our attack surface management suite, which currently includes services like Web Check, Mail Check, and Early Warning.
We have gained valuable insights from operating these services and are eager to extend this knowledge by conducting experiments in collaboration with industry providers. We have specific experiments in mind, but we also welcome your input if you have innovative ideas.
Our hypothesis remains that assisting organizations in recognizing and minimizing their attack surface and relevant vulnerabilities is among the most effective strategies to bolster external resilience.
If you possess a product related to attack surface management or have suggestions for future experiments, and you’re interested in partnering with the NCSC, please reach out to us.
Ollie Whitehouse, Chief Technology Officer (CTO), NCSC
Jonathon Ellison, NCSC Director of National Resilience
Article has been taken from ncsc.gov.uk: https://www.ncsc.gov.uk/blog-post/introducing-active-cyber-defence-2
