ARRSE is supported by the advertisements on it, so if you use an adblocker please consider helping us by starting an Ad-Free subscription.

GCHQ's National Cyber Security Centre opens for business following delays

Discussion in 'Current Affairs, News and Analysis' started by Murphy_Slaw, Feb 14, 2017.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. At the risk of being beaten to death with my own keyboard - why is Cyber under the remit of HM Forces - I would have thought one of the intelligence agencies would have been better positioned to conduct this.
     
    • Like Like x 1
  2. NCSC now, please - get with the program! :-D
     
    • Funny Funny x 1
  3. A2_Matelot

    A2_Matelot LE Book Reviewer

    Whilst I have many times in recent months retorted that I hate "cyber", it does serve a very valid purpose. At the root "cyber" is plain old information assurance, enabled by solid system administration and network management. Which is as dull as a dull thing can get and will rarely win over a board or the purse holders.

    Defining risks and events as capability risks and using the "cyber" sticker creates a far more powerful image that really does attract attention and get's access to decision makers.

    XP. It's used a lot BUT it is well understood where it is used and why. There are mitigations in place.
     
    • Like Like x 1
    • Informative Informative x 1
  4. Briefly, NCSC provides the framework, guidance and policies to be followed. All organisations (should!) including MOD apply them.

    Edit to add: About the National Cyber Security Centre - NCSC Site
     
    • Informative Informative x 2
  5. A2_Matelot

    A2_Matelot LE Book Reviewer

    "Cyber" isn't under the remit of MoD - more accurately MoD is responsible for elements of Defensive and Offensive Cyber Operations; Defensively it looks after it's own enterprise and deployed systems - couldn't/wouldn't expect an Intelligence Agency to do that.

    There are also legal issues to be considered, LOAC and various Intelligence statues etc, so splitting responsibilities is a sensible measure.
     
    • Informative Informative x 2
  6. Ok it may be ive been confused by the Cyber thing and read more into it than there is
    Cyber (in this context) isn't about crack teams of geeks fighting internet battles hacking and counter hacking like WW1 tunnel rats attempting to get under the German defences.
     
  7. A2_Matelot

    A2_Matelot LE Book Reviewer

    Yes.
     
  8. That's one side of the coin certainly. The flip side is preventing the bad 'uns from returning the compliment to the UK and that is where the NCSC (formerly CESG) comes in.
     
    • Informative Informative x 1
  9. A2_Matelot

    A2_Matelot LE Book Reviewer

    Not from the MoD it isn't, even in defensive terms. NCSC operates in conjunction with other elements of CESG and Allies to develop it's understanding, that allows it to develop and publish frameworks and procedures to wider UK PLC which, if implemented, should allow greater cyber assurance and resilience.
     
    • Like Like x 1
  10. Sarastro

    Sarastro LE Reviewer Book Reviewer

    From what is available openly, it is primarily a policy and advice shop, not an operational centre...
     
  11. Sarastro

    Sarastro LE Reviewer Book Reviewer

    It isn't. Neither is the NCSC.

    But all organisations have a responsibility towards their own defensive measures (CND or IT Security in old money). So HM Forces, the MOD etc each and collectively have their own bits of CND capability, and have done for at least 4 decades or more.
     
    • Informative Informative x 1
  12. Sarastro

    Sarastro LE Reviewer Book Reviewer

    Excellent. How many years did it take in the end?
     
  13. A2_Matelot

    A2_Matelot LE Book Reviewer

    "If you’re browsing this website, you might be wondering how the new National Cyber Security Centre (NCSC) will actually help everyone in the UK? Of course, the NCSC is working to protect UK government information and services, our armed forces and the critical national infrastructure - such as our energy and water supplies. But the NCSC is also here to help make the UK the safest place for everyone to live and do business online, whether you run a small business or charity, look after the IT systems in a local school, or simply want to make sure your home IT is less vulnerable to malware and online crime.

    How will that work in practice? Well, we want to make it easy for people and organisations to understand how to protect their information and IT from cyber attacks, in the same way as they understand how to protect themselves and their property from other kinds of crime. If you understand what’s important and the options available, you can make the choices that are right for you. Just as you might protect an old bike differently to your new car, or decide where and when your kids are allowed to go out alone, there’s no single right answer. We can’t tell you what to do in every situation - but we want to make it easier for you to take some sensible steps to make yourself safer.

    Part of this is about advice and information, and helping communities share their knowledge. Here on the NCSC website, we show where to get expert help you can trust, such as cyberaware and getsafeonline.org. These government-backed services have the latest easy-to-follow advice and can even answer your specific questions via social media. For organisations and businesses, the Cyber-security Information Sharing Platform (CiSP) lets you join with people in similar circumstances to discuss common threats and strategies, and the Cyber Essentials scheme gives you the tools to implement - and demonstrate - good ‘cyber hygiene’.

    But the NCSC will also be working behind the scenes to improve the underpinning technologies we all rely on. This might involve working with service providers to take action to reduce the known scamming and phishing emails in circulation, or encouraging IT providers to make their products more secure before you buy them. This will mean you can spend less time worrying about whether your systems are protected, and more time getting on with the other important things in your life. And it will mean that overall, our economy - and the UK as a whole - becomes more resilient to cyber attack."

    Read Ian's blog Active Cyber Defence - tackling cyber attacks on the UK - NCSC Site he openly comments on how NCSC will be "Go looking for badness and take it down" .
     
    • Informative Informative x 1
  14. Sarastro

    Sarastro LE Reviewer Book Reviewer

    I'm not sure how putting it in bold changes the fact the words are talking, primarily, about policy and advice...
     
  15. Thanks all

    I did suspect I was asking dumb questions - rest assured I can be taught.



    Is this the correct time to ask if Cyber is taken seriously down south and is there a crack RAF team on 24hr standby to ensure the Argies cant remote forge a flight plan for 50 B747 loads of Commandoes ?