Inside the NCSC’s plan to create a national threat tracking A-Team

The UK’s National Cyber Security Centre (NCSC) is inviting security professionals to sign up as members of its new Cyber League, an initiative aimed at working on some of the biggest security threats currently facing the country. 

The plan is to bring together a community of industry experts, working with NCSC analysts and with each other, to use their specialist knowledge and understanding of the threat landscape to develop techniques and strategies to counter future attacks.

Members will take part in a range of projects, the NCSC said, including analytics workshops and discussion groups on key trending issues.

Paul Chichester, director of operations at the security agency, said the initiative will draw on the combined strengths of the country’s cyber industry and institutions to improve national resilience.

"Cyber defence is a giant, complex and ever-changing puzzle, with critical knowledge, skills and innovation spread widely across industry and government,” he said. .

"Only through working together can we achieve our collective aim of making the UK the safest place to live and work online."

Raj Samani, SVP and chief scientist at Rapid7 said the announcement marks a positive step for the UK cyber security landscape, and could play a critical role in ensuring broader national resilience.

“With the current asymmetry of information among criminal threat groups and the cyber security industry, it’s great to see the NCSC taking proactive steps to promote the sharing of skills and information through the Cyber League initiative,” he said.

Samani said the industry has a tendency to get “bogged down too much in speculation about vulnerabilities and threats”, and therefore the launch of the scheme presents an opportunity for industry to collaborate more closely on mitigating threats.

“This new Cyber League will act as a great place to boost context-driven threat hunting and innovate how we tackle the rising problem of cyber security,” he added.

How the NCSC Cyber League will work

To take part in the Cyber League, an organization must have a 'substantial' UK connection and be part of the cyber security or threat intelligence industry, according to the NCSC. 

Up to three individuals in an organization can sign up to participate providing they have the “relevant cyber experience and knowledge".

Participants will be required to pass security checks, and will also have to have been a resident in the UK for the last five consecutive years.

The NCSC said the aim of the initiative is to be as flexible as possible when it comes to membership. Anyone can take part, even if they can't commit much time, as long as they still have experience and knowledge to share that can bring operational benefit.

Most members, though, are likely to come through the Industry 100 (i100) secondment program.

This involves secondees working across a wide range of placements on a part-time basis, ranging from one day a week to one day a month. Participating organizations continue to pay the salary of their staff members while on secondment, in order to maintain independence.

There are currently 127 placements from 87 organizations, with 200 secondments to date. Participating organisations get the opportunity to challenge and help shape government thinking on cyber issues, build a network of professional contacts across government and the wider cyber security community, and gain a greater understanding of how a central government department works.

"i100 brings together public and private sector talent to challenge thinking, test innovative ideas and enable greater understanding of cyber security – one of the most important issues of our time," the NCSC said.

"In i100, we are bringing industry and government expertise together to help us all learn lessons, identify systemic vulnerabilities and reduce the impact of cyber attacks."