National Cyber Security Centre complementing GCHQ efforts to address UK's cyber risk, says Fleming

Out-Law News | 09 Oct 2017 | 5:03 pm | 1 min. read

The National Cyber Security Centre (NCSC) is complementing GCHQ's efforts to keep UK users safe online, a senior official in the intelligence community has said.

In an article published by the Daily Telegraph, Jeremy Fleming, director of GCHQ, said protecting UK citizens online was as big a priority for GCHQ as its efforts in combating terrorism.

Fleming praised the work done by the NCSC since it became operational in October 2016, and said it had delivered work in public that would have been "deeply challenging" for GCHQ to have carried out itself.

"The NCSC has a world-leading programme to reduce the incidence and impact of cyber attacks without users even noticing," Fleming said. "It is also challenging us to work differently across the whole of GCHQ. By its nature, [the NCSC] has to work closely with the private sector; it works at lower (or without) security classifications, proactively engages with the media, and has a high profile in schools and universities. All of this can feel deeply challenging for a GCHQ that by necessity has worked in the shadows."

"It remains the case that much of what we do must remain secret. But I welcome the shift. If GCHQ is to continue to help keep the country safe, then protecting the digital homeland – keeping our citizens safe and free online – must become and remain as much part of our mission as our global intelligence reach and our round-the-clock efforts against terrorism," he said.

Last week the National Cyber Security Centre (NCSC) published its first annual review of its work. It revealed that it had handled more than 590 "significant incidents" in the first year of its operation, including the WannaCry ransomware attack and a cyber attack on the UK parliament in June.

The NCSC is part of GCHQ, and Fleming said the two organisations have worked closely together to tackle the cyber incidents the NCSC has responded to since its inception.

"In dealing with these cases … the NCSC drew on GCHQ’s data, analytical capabilities, skills and partnerships, which help us to prevent attacks as well as respond to them," Fleming said.

The NCSC became operational in October 2016. It was set up to lead the UK's approach to managing cyber risk and coordinate the response to major cyber incidents.