The NCSC absorbed and replaced
CESG (the
information security arm of GCHQ), the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of the
Centre for the Protection of National Infrastructure (CPNI). It built on earlier efforts of these organisations and the
Cabinet Office to provide guidance on
Information Assurance to the UK's wider private sector, such as the "10 Steps" guidance released in January 2015. In pre-launch announcements, the UK government stated that the NCSC would first work with the
Bank of England to advise financial institutions on how to bolster online defences. The centre was first announced in November 2015 by the
Chancellor of the Exchequer,
George Osborne. The then Director General Cyber of GCHQ, Ciaran Martin, led the new centre, and GCHQ's Technical Director of Cyber Security, Dr Ian Levy, assumed the same role at the NCSC. A detailed paper on the creation of the NCSC, including a description of its structure and future challenges, written by the then Director of GCHQ,
Robert Hannigan, who is widely credited with establishing the centre, was published by the
Royal United Services Institute in February 2019. The centre was dedicated by the Queen on 14 February 2017.
Philip Hammond, the Chancellor of the Exchequer, announced an investment of £1.9 billion and an initiative to embed 100 people from industry into the NCSC on secondment. In April 2016, the
Ministry of Defence announced that a Cyber Security Operations Centre (CSOC) "to protect the MOD's cyberspace from malicious actors" with a budget of over £40 million will contribute to this initiative. It is located at
MoD Corsham. In October 2017, technical director Ian Levy was targeted by email prankster
James Linton with a fake industry event; however, Levy correctly identified the unexpected headers and worked with him to put out a security blog about the incident. On 1 October 2020 Lindy Cameron, formerly director-general of the
Northern Ireland Office, took over from
Ciaran Martin as CEO. In December 2023, it was announced that Lindy Cameron would step down in early 2024. Felicity Oswald acted as interim CEO until the appointment of Richard Horne in October 2024. In July 2024, the Centre in collaboration with international partners, revealed a North Korean state-sponsored cyber espionage campaign, aimed at stealing military and nuclear secrets. The advisory highlighted the actions of the Andariel group, linked to the DPRK's
Reconnaissance General Bureau's 3rd Bureau, targeting critical infrastructure globally to steal sensitive information and intellectual property. NCSC's Director of Operations, Paul Chichester, emphasized the significance of protecting such data. Andariel's focus was primarily on sectors like defense, aerospace, nuclear, and engineering, with some attention to the medical and energy sectors. They also launched ransomware attacks against US healthcare organizations to fund further espionage. The advisory included technical details and mitigation strategies, urging network defenders to implement robust protections. The advisory was jointly issued by multiple agencies, including the NCSC, FBI, CISA, NSA, and Korean counterparts.
List of chief executives •
Ciaran Martin (3 October 2016 to 31 August 2020) •
Lindy Cameron (1 October 2020 to April 2024;
was Acting CEO (1 September 2020 to 30 September 2020)) • Felicity Oswald (acting April 2024 to October 2024) • Richard Horne (October 2024 to present) ==See also==