National Cyber Security Centre
New Cyber Attack categorisation system to improve UK response to incidents
The NCSC and law enforcement are implementing a new cyber incident prioritisation framework.
- NCSC and law enforcement to implement new cyber incident prioritisation framework
- Existing system of three categories of incident broadened to six detailed classifications
- Categorisation spans full range of incidents from national campaigns to personal attacks
- Move reflects ever-strengthening partnership between law enforcement and the NCSC
- Announcement comes on the final day of the NCSC’s flagship conference CYBERUK 2018
HACKERS wanting to harm the UK will be thwarted thanks to a step-change in how intelligence experts align with law enforcement.
The new, world-leading approach will see the National Cyber Security Centre (NCSC), a part of GCHQ, working hand-in-hand with law enforcement agencies to defend against the growing threat.
The NCSC has responded to more than 800 significant incidents since October 2016, and their incident responders will now classify attacks into six specific categories rather than the previous three.
The changes, which are effective immediately, will improve consistency around the incident response and better use resources – ultimately leading to more victims receiving support.
Paul Chichester, the NCSC’s Director of Operations, said:
“This new joint approach, developed in partnership with UK law enforcement, will strengthen the UK’s ability to respond to the significant, growing and diverse cyber threats we face.
“The new system will offer an improved framework for dealing with incidents, especially as GDPR and the NIS Directive come into force shortly.
“Individual judgements will of course still be applied to respond to incidents as necessary.”
Information processed by the new framework will ultimately be used to generate the most comprehensive national picture to date of the cyber threat landscape, spanning the full range of incidents from national crises to cyber attacks on individuals.
The incident category definitions give increased clarity on response mechanisms for incidents by identifying what factors would happen to activate a specific classification, which organisation responds and what actions they would take.
National Police Chiefs' Council Lead for Cybercrime, Chief Constable Peter Goodman, said:
“This is a hugely important step forward in joint working between law enforcement and the intelligence agencies
“Sharing a common lexicon enables a collaborative understanding of risk and severity that will ensure that we provide an effective, joined-up response.
“This is good news for the safety of our communities, business and individuals.”
The framework encompasses cyber incidents in all sectors of the economy, including central and local government, industry, charities, universities, schools, small businesses and individuals.
Any cyber attack which may have a national impact should be reported to the NCSC immediately. This includes cyber attacks which are likely to harm UK national security, the economy, public confidence, or public health and safety.
Depending on the incident, the NCSC may be able to provide direct technical support. The NCSC also provides comprehensive guidance and advice on its website for companies or individuals in need.
People or businesses suffering from a cyber attack below the national impact threshold should contact Action Fraud, UK’s national fraud and cyber crime reporting centre, who will respond in accordance with the new incident categorisation.
Latest News from
National Cyber Security Centre
Most hacked passwords revealed as UK cyber survey exposes gaps in online security23/04/2019 14:15:00
The NCSC's first 'UK cyber survey' published alongside global password risk list.
Next-gen start-ups to partner with National Cyber Security Centre15/04/2019 15:20:00
Security experts are calling on cutting-edge tech entrepreneurs to help develop the next generation of cyber security solutions.
GCHQ cyber courses recognised by qualification board09/04/2019 08:20:00
CyberFirst courses recognised by the Scottish Qualifications Authority (SQA)
Royal Masonic School for Girls crowned winners of biggest cyber competition to date26/03/2019 11:15:00
The winners of the 2019 CyberFirst Girls competition have been crowned.
Security research highlights central role children play25/03/2019 10:20:00
Research highlights the importance of children when it considering online safety
New NCSC beta website launched13/03/2019 09:15:00
New NCSC website aims to become the UK’s homepage for cyber security.
I spy finalists of NCSC's CyberFirst Girls competition11/03/2019 17:11:00
Finalists announced with record numbers of teams participating in the 2019 competition.
UK Boards of biggest firms must do more to be cyber aware06/03/2019 08:12:00
Boards at some of the UK’s biggest companies still don’t fully understand the potential impact of a cyber attack according to a new report.