The UK’s National Cyber Security Centre (NCSC) has set out plans to launch a new version of its Active Cyber Defence (ACD) initiative to help businesses address evolving cyber-threats.
ACD 2.0 will develop a “next generation” suite of cybersecurity tools and services that aim to plug gaps in the commercial market.
The NCSC will also review the ACD’s current tools and services and will look to divest the management of its services to the private sector “where and when appropriate.”
The aim is to divest most of its new successful services within three years to another part of government or the private sector to run on an enduring basis.
More details will be provided on divestment plans in September.
The development of ACD 2.0 is in response to both the changing cyber threat landscape, such as evolving phishing attacks, and the types of services offered within the commercial cybersecurity market.
This aims to meet the overarching goal of ACD to “Protect the majority of people in the UK from the majority of the harm caused by the majority of the cyber-attacks the majority of the time.”
ACD a Success, But Time to Evolve
The NCSC launched ACD in 2017, providing free services in four areas for UK government departments to use to improve their basic level of cybersecurity. These are:
- Self-service checks, including early warning
- Detections deployed by organizations, such as Protective Domain Name Service (DNS) filtering and Vulnerability Disclosure
- Disrupt and defend, such as a Suspicious Email Reporting Service (SERS) and Share and Defend Capability
- Enablers, providing common platforms that underpin multiple ACD services
The NCSC said that following success in tackling common attack vectors such as phishing in the government, the program has been made available to all sectors across the UK.
The NCSC’s sixth annual ACD report in July 2023 highlighted the program’s growing take-up and success.
This included a record-breaking 7.1 million reports of potentially malicious emails to SERS and a 60% increase in its Mail Check service designed to improve compliance with Domain-based Message Authentication, Reporting and Conformance (DMARC) and other email anti-spoofing/privacy controls.
The NCSC acknowledged that the range of services on offer via ACD has been broadly consistent since 2017. In contrast, the cyber capabilities on offer from the private sector have evolved.
Therefore, the UK government agency, part of GCHQ, noted that it may need to broaden ACD’s reach because its original services were mainly targeted at the public sector.
NCSC to Run Experiments to Develop Services
The NCSC’s first step is to examine its attack surface management suite: Check, Mail Check and Early Warning.
It will now run experiments alongside industry providers to build on these services.
The NCSC has also urged industry to approach it on any attack surface management product, or ideas for other experiments it could run in the future.
“We want ACD 2.0 to be a partnership; across the NCSC, across the cybersecurity community in government, and crucially also with industry and academia. Combined with our unique organization, we can have a disproportionate impact on cyber resilience at scale,” the NCSC said in its announcement.