The UK’s National Cyber Security Centre (NCSC) has launched Cyber League, an initiative through which it hopes to bring together a trusted community of security experts drawn from its own ranks and the wider industry, to work together on tackling the most urgent cyber threats facing the country.
The group will see a diverse group of experts collaborate to apply their own unique knowledge and understanding to the threat picture as they participate in a range of engagements, from discussion groups to analytic workshops.
“Cyber defence is a giant, complex and ever-changing puzzle, with critical knowledge, skills and innovation spread widely across industry and government,” said NCSC operations director Paul Chichester. “Only through working together can we achieve our collective aim of making the UK the safest place to live and work online.”
Organisations that wish to take part in the Cyber League will have to form part of the cyber security or threat intelligence industry, and be able to demonstrate a “substantial” connection to the UK. Up to three volunteers from each organisation will be admitted to the League, providing they have the relevant security experience and knowledge.
The NCSC said the Cyber League would complement its existing Industry 100 (i100) secondment initiative, but is designed to be of value to those who may not be able to commit the time this programme requires, but still have experience and knowledge to share.
Raj Samani, senior vice-president and chief scientist at Rapid7, characterised the initiative as a positive step for the UK cyber security industry. “With the current asymmetry of information among criminal threat groups and the cyber security industry, it’s great to see the NCSC taking proactive steps to promote the sharing of skills and information through the Cyber League initiative,” he said.
“We currently get bogged down too much in speculation about vulnerabilities and threats,” said Samani. “We need to take on a new path and put more value into the open sharing of threat indicators to benefit the mitigation of future incidents. This new Cyber League will act as a great place to boost context-driven threat hunting and innovate how we tackle the rising problem of cyber security.”
Collaboration an enabler
Under its outgoing CEO, Lindy Cameron – who recently announced her intention to step down from the role – the NCSC has centred collaboration between its in-house and GCHQ-backed expertise and the wider industry to help it meet the government’s goals around cyber security.
Writing earlier this week, the organisation’s new chief technology officer, Ollie Whitehouse, said that moving forward, he would prioritise pursuing a clearer, evidence-based understanding of UK plc’s collective weaknesses, seeking more objective understanding of how efficient resilience-building efforts across technology, products, services, people, processes and systems really are.
“We must ensure that the UK, our international partners and supply chains are prepared for material cyber events,” he wrote.
“We continue to operate in a world of greater competition, instability and contention than we have in over 30 years; a time before which cyber was material,” said Whitehouse. “As such, we need to go beyond the excellent work already in place … and prepare for when the big cyber event hits organisations, the UK, and the globe.
“Our adversaries, criminal and otherwise, are more aggressive and technically able than ever before, and show no sign of slowing down,” he added. “We need to prepare for ‘when’ and not ‘if’.”
Referencing predecessor Ian Levy’s Hitchhiker’s guide to the galaxy fandom, Whitehouse concluded: “I am glad I brought my towel.”