The National Cyber Security Centre and the regional Cyber Clusters

Explaining the NCSC and the Cyber Clusters – who they are and what they do. Also, the relationship between the Cyber Clusters and the Cyber Resilience Centres.

By: User Not Found / 21 June 2021

The NCSC or National Cyber Security Centre is a government organisation that provides advice and support to the public and private sector concerning cyber security threats. Its headquarters is in Victoria, London and was founded in 2016; and the NCSC annual budget is £1.9 billion. The NCSC was created out of the merging of four existing organisations:

GCHQ’s CESG or Communications-Electronics Security Group – was the national tech authority for information assurance,
GCHQ’s CCA or Centre for Cyber Assessment – providing cyber threat assessments to government departments,
CERT UK or Community Emergency Response Team – the former response team to computer security incidents,
CPNI or the Centre for the Protection of the National Infrastructure – helps to reduce the country’s vulnerability to terrorism, espionage and sabotage.

This provides a less segregated and more unified national response to cyber security threats. The NCSC can provide a single point of contact (SPOC) for SME’s, larger organisations, government agencies, the general public and departments.

During the Covid-19 pandemic, the NCSC prioritised protecting the NHS. And with a focus on employees working from home; the NCSC launched “Cyber Aware” which was a government advice scheme on how to stay safe online during Covid-19. The NCSC also introduced the “Suspicious Email Reporting Service” ([email protected]) and in its first 4 months of the service being introduced to the public, more than 2 million reports were received, which lead to the removal of over 9,000 scams and 22,000 URLs.

The regional Cyber Clusters:

Cyber clusters are informal groups of companies who actively work together in cyber security. There are no membership fees when joining a cyber cluster and all members are invited to regular meetings to interact with speakers, take part in networking and discussion. The UK is divided up into regional cyber clusters that are managed independently but collaborate through such platforms like the UK Cyber Security Forum to ensure all members are represented on a national level with opportunities and good practices that are shared across all the clusters. However, there does not seem to be a definitive list of the cyber clusters – with their correct names. The website “ukcybersecurityforum.com” has a section on “clusters” but arrives at a “404 page not found”. The list of 24 clusters that was once displayed on the website also had many of its links leading to (now) empty webpages, and there were present spelling errors on the names of the cyber clusters listed. Another website “cyberexchange.uk.net” has a section on “clusters” with a list of 20:

Bristol and Bath Cyber,
Capture the Flag Cyber Cluster,
Critical National Infrastructure in Wales Cyber Cluster,
CyberNorth,
CyNam (Cyber Cheltenham),
Data Privacy in Wales Cyber Cluster,
Education in Wales Cyber Security Cluster,
IP Wales Cyber Cluster,
MENA Cyber Security Cluster,
Midlands Cyber,
NI Cyber Cluster,
Norfolk and Suffolk Cyber Security Cluster,
North Wales Cyber Security Cluster,
North West Cyber Security Cluster,
Oxford Cyber Security Cluster,
ScotlandIS Cyber,
South Wales Cyber Security Cluster,
South West Cyber Security Cluster,
Women in Cyber Wales Cluster,
Yorkshire Cyber Security Cluster.

Many of these cyber clusters seem to overlap each other as Wales has 9 cyber clusters. There are aspects of the cyber clusters that can be seen as inconsistent or cause issues with future collaborations due to Wales having specific cyber clusters dedicated to education, compared to England that are just about the general region e.g., “West of England Cyber Cluster”- rather than a specific area of cyber security.

The relationship between the CRC’s to the Cyber Clusters:

A CRC or Cyber Resilience Centre is a development from BRIM or the Business Resilience International Management, who is involved with UK law enforcement and funded by the Home Office. Their objective is to “protect communities, promote economic growth and overall safety” in each locality. The CRC’s are government funded while the cyber clusters are community managed - both are without membership fees. Cyber clusters are made to aid a community of cyber security-focused companies. While the CRC’s act more like LEP’s with their emphasis on “economic growth” and “helping SME’s”. The SWCSC or South West Cyber Security Cluster promoted the South West CRC on their website (https://southwestcsc.org/sw-cyber-resilience-centre-free-core-membership/). The SWCSC presents the CRC as a useful resource with similar attributes to cyber clusters. The CRC’s are still a new concept and it has yet to be seen how their presence will affect the cyber clusters. However, it must be said that the CRC’s approach of having one go-to CRC per region instead of many variations for one region (e.g., 9 or more for Wales) is arguably, a better system.