NCSC Active Cyber Defence 2.0 refresh looks to tailor services to the security market and threat landscape

A logo is displayed on a television screen in the National Cyber Security Centre (NCSC) on February 14, 2017 in London, England
(Image credit: Getty Images)

The National Cyber Security Centre (NCSC) has announced it will refresh its Active Cyber Defence (ACD) program, with a second iteration of the initiative to help organizations stay secure in a new era of cyber threats.

The first generation of the Active Cyber Defence program was launched in 2016, seeking to reduce the harm caused by cyber criminals leveraging prepackaged malicious tools and services available on underground hacking forums, known as commodity attacks.

The ACD comprises a collection of technical services and capabilities aimed at tackling a large swath of the cyber threats UK organizations face everyday, providing self-service checks, threat detection tools, and more.

The program was initially targeted specifically at developing services for the protection of government organizations.

But in its annual review for 2023, the NCSC said the ‘whole of society’ approach that defines the UK’s national cyber strategy meant it broadened the utility of ACD products and services to a wider range of users, from small business to the education sector.

The initiative also wanted to make it easier for users to find, sign up to, and manage the services provided in ACD, using its My NSCS platform to help bring various ACD products and services together into a single experience. 

ACD 2.0 will encompass the next generation of products and services the cyber agency will provide to UK entities to help neutralize new dangers posed by a fast developing threat landscape.

NCSC ACD 2.0 will strategically divest where is sees the market stepping up

The second generation of the ACD will also reflect how the NCSC is divesting in certain areas as it sees the private sector catching up. 

The increased availability and maturity of analogous services from private service providers means the agency can step back and focus on areas where it is uniquely positioned to provide protection at scale.

Ollie Whitehouse, CTO at the NCSC said the services included in the second generation of the ACD will be delivered where the market is not able to, be that because of the NCSC’s unique position in government, ability to scale, cyber capabilities, or authority.

“It’s important that the UK’s National Cyber Security Centre focuses its efforts where we can make a uniquely valuable contribution – where we see a gap in the commercial market, or where being part of GCHQ presents a unique opportunity to drive up resilience at scale,” he wrote in his blog introducing the program.

RELATED WHITEPAPER

“The NCSC will look to divest most of our new successful services within 3 years – to another part of government or the private sector to run on an enduring basis”.

The agency will continue to work with industry partners to deliver a number of the core services offered in the ACD package, such as its attack surface management suite, comprising its Web Check, Mail Check, and Early Warning products.

Helping organizations understand and reduce their attack surface and associated vulnerabilities is one of the most efficient ways of driving up external resilience nationwide, Whitehouse stated in his blog, urging security vendors with ideas for future products to get in touch with the agency.

Solomon Klappholz
Staff Writer

Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.