Cyber League: UK's NCSC Calls on Industry Experts to Join its Fight Against Cyber Threats


The United Kingdom’s National Cyber Security Centre is inviting members of the cybersecurity community to join its new Cyber League, which is a collective of industry experts that will work alongside the government agency to tackle security threats facing the U.K.

Announced by the NCSC on Jan. 17, the Cyber League will support existing NCSC initiatives that bring together experts from the public and private sectors. This is with the aim of improving knowledge sharing in cybersecurity.

The role of the Cyber League in UK cybersecurity

The Cyber League will see members of the cybersecurity and threat intelligence industries join NCSC analysts in workshops and discussion groups to exchange insights on the growing threat landscape.

Work performed by the community will be “a critical part of visibility and tracking existing and emerging threats in the UK,” the NCSC said in a press release.

Paul Chichester, director of operations at the NCSC, said in a statement: “Cyber defence is a giant, complex and ever changing puzzle, with critical knowledge, skills and innovation spread widely across industry and government. Only through working together can we achieve our collective aim of making the UK the safest place to live and work online.”

Who can join the Cyber League?

Membership to the Cyber League is on a voluntary basis, with the prerequisite that members must demonstrably be involved in cybersecurity or threat intelligence and “have a substantial UK connection.”

A maximum of three people from a single organization can apply to the Cyber League community, provided they can demonstrate knowledge of and experience in, cybersecurity.

Interested prospective members can enquire about membership by contacting cyberleague@ncsc.gov.uk.

How the NCSC is championing cross-sector collaboration

The Cyber League will complement the NCSC’s Industry 100 (i100) initiative, a program set up in October 2023 to improve the U.K.’s cybersecurity posture by fostering collaboration between the country’s public and private sectors.

The i100 initiative involves secondees from various organizations working part-time with the NCSC, ranging from one day a week to one day a month, who contribute their expertise to various projects.

This approach brings together diverse skillsets and perspectives, according to the NCSC, improving the agency’s ability to effectively address current and emerging cybersecurity threats.

The Cyber League will likewise see experts from the public and private sectors convene to exchange knowledge and experience, with the goal of bringing about a more comprehensive understanding of cybersecurity issues.

Knowledge sharing is key to better cybersecurity, say experts

On Jan. 16, 2024, Ollie Whitehouse, the NCSC’s recently appointed chief technology officer, wrote in a blog post about the need to prepare for major cybersecurity incidents by looking beyond current initiatives and building “collective resistance” that involved pooling knowledge and resources.

“We continue to operate in a world of greater competition, instability, and contention than we have in over 30 years; a time before which cyber was material,” wrote Whitehouse.

“As such we need to go beyond the excellent work already in place […] and prepare for when the big cyber event hits organizations, the UK, and the globe. Our adversaries, criminal and otherwise, are more aggressive and technically able than ever before, and show no sign of slowing down.”

Jason Keirstead, vice president of collective threat defense at threat intelligence firm Cyware, welcomed the initiative as a means for the U.K. to address cybersecurity threats on a united front.

“It is extremely encouraging to see this announcement from the NCSC. As we have seen with the JCDC (Joint Cyber Defense Collaborative) program in the United States, there are tangible benefits whenever the public and private sectors increase their collective defense efforts,” Keirstead said in a statement shared via email.

“Cybersecurity is a whole-of-nation problem and cannot be solved by industry and government working alone; we must continue to engage as frequently and as widely as practical.”

NCSC identifies need for greater messaging around cyber risks

In the U.K. government’s 2023 Cyber Security Breaches Survey, 32% of businesses and 24% of charities reported experiencing breaches or attacks in the previous 12 months, with the report also finding a decline in cyber hygiene practices like password policies and network firewalls ­among businesses.

Across all U.K. businesses, there were nearly 2.4 million instances of cybercrime and approximately 49,000 instances of fraud as a result of cybercrime during the 12-month period, the report found. Charities alone experienced 785,000 cybercrimes over the same period.

The report suggested organizations that received messaging from agencies like the NCSC were more likely to take action to identify cybersecurity risks.

Rogier Fischer, chief executive officer at security platform Hadrian, said knowledge sharing was an important part of raising awareness of cybersecurity issues. “Initiatives such as the Cyber League are a great way for organizations to benefit from the knowledge and experience in the broader cybersecurity community,” Fischer said in a statement shared with TechRepublic.

He added: “The power of these groups comes from the diversity of experts they attract, which enables organizations to create more robust security strategies. Offensive security is gaining prominence because it helps organizations identify which risks threaten them and which don’t.”

Additional U.K. news about AI cybersecurity tips and risks

Recent advancements in artificial intelligence, and generative AI in particular, have put cybersecurity at the top of both boardroom and political agendas.

In September 2023, the NCSC published advice for businesses on protecting themselves against AI-based security breaches. In November 2023, the NCSC published guidelines around the security of AI systems alongside the U.S.’s Cybersecurity and Infrastructure Security Agency and other international security agencies.

Cybersecurity was also the focus of November’s AI Safety Summit, where 28 countries came together to discuss the risks posed by new artificial intelligence models. The summit, hosted in the U.K., focused on the need for governments, researchers and technology companies to work together to establish global AI safety protocols and address the challenges of rapidly-evolving generative AI models.



Source link