The United Kingdom has a diverse cyber security community, interconnected in a complex network.
Although the terminology is currently largely aligned to a "cyber" view of the world, it is taken to still include information-related concerns, with previous predominant terminology including:
The significant constituents within that community are probably best understood by grouping into high level categories, namely:
According to a parliamentary committee the UK government is not doing enough to protect the nation against cyber attack. [1]
The UK Government periodically publishes a Cyber Security Strategy. [3]
Many of the stakeholders across all categories are engaged with that effort.
The overall responsibility for security within the UK rests with the National Security Council which is a cabinet committee chaired by the Prime Minister tasked with overseeing all issues related to national security, intelligence coordination, and defence strategy.
The internal protective security coordination role for UK government is led by the Government Chief Security Officer (GCSO) within the Cabinet Office, who since 2021 has been Vincent Devine. [4]
The central organisation supporting the GCSO is the Government Security Group (GSG), with a distributed Government Security Function / Government Security Profession across the departments and Arms Length Bodies (ALB), and three National Technical Authorities (NTA), all of which have a role in information and/or cyber security:
Coordination of activity across government is through a series of committees, both from within the world of security, [6] and in aligned domains such as the Chief Technology Officers (CTO), and Knowledge and Information Management (KIM).
The role of Lead Government Department (LGD) for Cyber Security is currently fulfilled by the Department for Science, Innovation, and Technology (DSIT), having previously rested with:
DSIT is responsible for supporting and promoting the UK cyber security sector, promoting cyber security research and innovation, and working with the National Cyber Security Centre to help ensure all UK organisations are secure online and resilient to cyber threats.
All other government departments and ALBs will have staff in the government security function / government security profession, supporting both their internal staff, and their client communities.
Former bodies in this category include:
The Ministry of Defence has primacy for information and cyber security within both its civilian and military staffs (approximately 250,000 personnel), and for the Defence Supply Base (DSB - approximately 30,000 companies).
It has two main security organisations:
These organisation work collaboratively to publish not only the internal rules, but also Defence Standards and Industry Security Notices (ISN) [8]
In April 2016, the MOD announced the creation of the Cyber Security Operations Centre (CSOC) "to protect the MOD's cyberspace from malicious actors" with a budget of over £40 million. It is located at MoD Corsham. [9] [10]
MOD collaborates with the DSB over information and cyber security matters through a number of organisations, including:
Former bodies in this category include:
The National Cyber Force consolidates offensive cyber capabilities from the Ministry of Defence and GCHQ.
The National Crime Agency (NCA) hosts the law enforcement cyber crime unit, incorporating the Child Exploitation and Online Protection Centre.
Former bodies in this category include:
The Wider Public Sector (WPS) covers both the Central Government and Law Enforcement categories that are itemised separately, but also elements such as:
Within the WPS, there are a number of collaborative bodies, including:
Former bodies in this category include:
Two regulatory bodies have a specific cyber security related function:
Most other regulatory bodies will have staff covering information and cyber security function for both their internal staff, and their client communities.
Work in academia on information and cyber security can be delineated into research and teaching.
NCSC has accredited several Academic Centres of Excellence in Cyber Security Research: [16]
UK Cyber Clusters |
---|
Bristol and Bath Cyber |
Bournemouth Cyber Cluster |
Cambridge Cluster |
East Midlands |
London |
Malvern Cluster |
Norfolk Cyber Cluster |
North East Cyber Cluster |
North Wales |
North West Cluster |
N Somerset Cluster |
Oxford |
Scottish Cyber Cluster |
Solent Cyber Cluster |
South Wales |
South West Cyber Cluster (Exeter) |
Sussex Cluster |
Thames Valley Cluster |
West Midlands Cluster |
Yorkshire Cluster |
Current bodies that cover multiple sectors include:
Former bodies in this category include:
Many of these categories will provide linkages from the UK to other nations' activities in cyber security, including:
The United Kingdom has a diverse cyber security community, interconnected in a complex network.
Although the terminology is currently largely aligned to a "cyber" view of the world, it is taken to still include information-related concerns, with previous predominant terminology including:
The significant constituents within that community are probably best understood by grouping into high level categories, namely:
According to a parliamentary committee the UK government is not doing enough to protect the nation against cyber attack. [1]
The UK Government periodically publishes a Cyber Security Strategy. [3]
Many of the stakeholders across all categories are engaged with that effort.
The overall responsibility for security within the UK rests with the National Security Council which is a cabinet committee chaired by the Prime Minister tasked with overseeing all issues related to national security, intelligence coordination, and defence strategy.
The internal protective security coordination role for UK government is led by the Government Chief Security Officer (GCSO) within the Cabinet Office, who since 2021 has been Vincent Devine. [4]
The central organisation supporting the GCSO is the Government Security Group (GSG), with a distributed Government Security Function / Government Security Profession across the departments and Arms Length Bodies (ALB), and three National Technical Authorities (NTA), all of which have a role in information and/or cyber security:
Coordination of activity across government is through a series of committees, both from within the world of security, [6] and in aligned domains such as the Chief Technology Officers (CTO), and Knowledge and Information Management (KIM).
The role of Lead Government Department (LGD) for Cyber Security is currently fulfilled by the Department for Science, Innovation, and Technology (DSIT), having previously rested with:
DSIT is responsible for supporting and promoting the UK cyber security sector, promoting cyber security research and innovation, and working with the National Cyber Security Centre to help ensure all UK organisations are secure online and resilient to cyber threats.
All other government departments and ALBs will have staff in the government security function / government security profession, supporting both their internal staff, and their client communities.
Former bodies in this category include:
The Ministry of Defence has primacy for information and cyber security within both its civilian and military staffs (approximately 250,000 personnel), and for the Defence Supply Base (DSB - approximately 30,000 companies).
It has two main security organisations:
These organisation work collaboratively to publish not only the internal rules, but also Defence Standards and Industry Security Notices (ISN) [8]
In April 2016, the MOD announced the creation of the Cyber Security Operations Centre (CSOC) "to protect the MOD's cyberspace from malicious actors" with a budget of over £40 million. It is located at MoD Corsham. [9] [10]
MOD collaborates with the DSB over information and cyber security matters through a number of organisations, including:
Former bodies in this category include:
The National Cyber Force consolidates offensive cyber capabilities from the Ministry of Defence and GCHQ.
The National Crime Agency (NCA) hosts the law enforcement cyber crime unit, incorporating the Child Exploitation and Online Protection Centre.
Former bodies in this category include:
The Wider Public Sector (WPS) covers both the Central Government and Law Enforcement categories that are itemised separately, but also elements such as:
Within the WPS, there are a number of collaborative bodies, including:
Former bodies in this category include:
Two regulatory bodies have a specific cyber security related function:
Most other regulatory bodies will have staff covering information and cyber security function for both their internal staff, and their client communities.
Work in academia on information and cyber security can be delineated into research and teaching.
NCSC has accredited several Academic Centres of Excellence in Cyber Security Research: [16]
UK Cyber Clusters |
---|
Bristol and Bath Cyber |
Bournemouth Cyber Cluster |
Cambridge Cluster |
East Midlands |
London |
Malvern Cluster |
Norfolk Cyber Cluster |
North East Cyber Cluster |
North Wales |
North West Cluster |
N Somerset Cluster |
Oxford |
Scottish Cyber Cluster |
Solent Cyber Cluster |
South Wales |
South West Cyber Cluster (Exeter) |
Sussex Cluster |
Thames Valley Cluster |
West Midlands Cluster |
Yorkshire Cluster |
Current bodies that cover multiple sectors include:
Former bodies in this category include:
Many of these categories will provide linkages from the UK to other nations' activities in cyber security, including: