Protecting UK Critical National Infrastructure from Cyber Attack Kevin T National Cyber Security Centre (NCSC) This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
National Cyber Security Strategy • "The new strategy is built on three core pillars: defend, deter and develop, underpinned by £1.9 billion of transformational investment." Philip Hammond, Chancellor • Defend the UK from cyber risks • Deter our adversaries • Develop our cyber security capability • “At the heart of the strategy is the creation of a new National Cyber Security Centre (NCSC) – a world class centre of excellence to coordinate the national cyber effort and provide a unified source of advice and support for the private and public sector.” Ben Gummer, Minister for the Cabinet Office This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
The Formation of the NCSC • The new National Cyber Security Centre is the UK’s authority on cyber security and part of GCHQ. • The NCSC brings together cyber security into a single, expert organisation building on the best of what we already have and combining the functions of: • CESG CERT-UK Cyber elements of CPNI CCA This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
Our Vision • Helping to make the UK the safest place to live and do business online What we do • Understand the UK’s cyber security environment, sharing knowledge, addressing systemic vulnerabilities • Reduce the cyber security risk to the UK • Respond effectively to cyber security incidents • Nurture the UK's cyber security capability, providing leadership on key national cyber security issues This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
NCSC & Critical National Infrastructure (CNI) CNI: elements of national infrastructure, loss or compromise of which would lead to severe economic or social consequences, or to loss of life. 13 CNI Sectors, including Energy, Civil Nuclear, Transport, Water, Chemicals. To help protect UK CNI from cyber attack NCSC works in partnership with • lead government departments • CPNI • regulators • industry This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
Cyber Threats What we are learning from recent cyber incidents • Level of threat is increasing • Most attacks exploit old vulnerabilities • Adversary actions are increasingly aggressive and confrontational • New cyber capabilities are being exhibited This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
What can be done? • Most cyber attacks can be prevented • Basic guidance exists on how to secure your networks • eg. 10 Steps To Cyber Security on the NCSC website • Work as a community to share information, experiences, good practice etc. • New regulation on cyber security for operators of essential services • EU Security of Networks & Information Systems (NIS) Directive, May 2018 www.ncsc.gov.uk This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
Recommend
More recommend