The National Cyber Security Centre (NCSC) is the United Kingdom's lead technical authority on cybersecurity. It was launched in October 2016 and is headquartered in London, operating as part of the signals intelligence agency GCHQ. The NCSC consolidated several predecessor bodies, including CESG (the information security arm of GCHQ), the Centre for Cyber Assessment, CERT-UK, and elements of the Centre for the Protection of National Infrastructure.
The NCSC's remit covers four broad functions:
- Understand cyber threats facing the UK, drawing on classified intelligence from GCHQ and partners.
- Reduce risk to UK networks through guidance, standards, and initiatives such as the Active Cyber Defence programme (including services like Web Check, Mail Check, and the takedown of malicious domains).
- Respond to significant cyber incidents affecting government, critical national infrastructure, and major UK organisations.
- Nurture national cyber skills and the wider ecosystem, including the CyberFirst programme for young people and the Cyber Essentials certification scheme for businesses.
The NCSC publishes an Annual Review summarising its operational work, and frequently issues joint advisories with allied agencies such as the US CISA, the FBI, the NSA, Australia's ACSC, and Canada's CCCS, typically under the Five Eyes umbrella. It has publicly attributed cyber activity to state actors on multiple occasions, including operations linked to Russia's GRU and China's Ministry of State Security.
For Model UN delegates and IR researchers, the NCSC is a useful reference point on issues including critical infrastructure protection, supply chain security (notably its 2020 guidance on Huawei in UK 5G networks), ransomware response, and election security. Its CEO reports to the Director of GCHQ, and the Centre works closely with the Cabinet Office and the Department for Science, Innovation and Technology on national cyber strategy implementation.
Example
In 2018, the NCSC jointly attributed the NotPetya cyberattack to the Russian military, coordinating its statement with allied governments including the United States and Australia.
Frequently asked questions
No. The NCSC is the public-facing cybersecurity authority within GCHQ. While it draws on GCHQ intelligence, its role is defensive: advising government, industry, and the public on cyber threats.
Keep learning