The UK Government has released the prospectus for the National Cyber Security Centre (NCSC), due to be launched later this year. Briefly, the prospectus sets out what’s proposed for the NCSC, as part of the government’s strategy for making the UK the safest place to live and work online.
Comment
John Smith, principal solution architect, Veracode, says: “Cyberattacks at the application layer are growing by more than 25 percent annually, with exploited vulnerabilities frequently resulting in catastrophic data breaches, such as the TalkTalk breach achieved using an SQL injection last year. Yet too frequently organisations’ take a lacklustre approach to remediating these potentially grave vulnerabilities. Indeed, in the retail and hospitability sectors, Veracode research found that only 60 percent of application vulnerabilities identified were fixed.
“As the digital economy grows in the UK and software plays an even more prolific role in every manner of job, it is essential that organisations gain a greater awareness around the threat of vulnerabilities and how best to approach them to remediate them. We expect the NCSC to stride forward in helping organisation understand this acute threat and the importance of incorporating proactive application security measures into their cybersecurity processes.”
Background
In November 2015 the Chancellor George Osborne announced the UK’s National Cyber Security Centre. Reporting to GCHQ, the National Cyber Security Centre will be a unified source of advice and support for government, industry and the economy. It will bring together the capabilities already developed by CESG – the Information Security Arm of GCHQ, the Centre for the Protection of National Infrastructure (CPNI), CERT-UK and the Centre for Cyber Assessment into a single point of contact.
The prospectus sets out proposals on what the National Cyber Security Centre will do, who it will work with and how it will operate.
