The UK's National Cyber Security Center is inviting members of the cybersecurity community to join its new Cyber League, which is a collective of industry experts who will work alongside the government agency to address threats to security facing the United Kingdom.
Announced by the NCSC on January 17, the Cyber League will support existing NCSC initiatives that bring together experts from the public and private sectors. This is with the aim of improving the exchange of knowledge in cybersecurity.
The Cyber League's role in UK cybersecurity
At the Cyber League, members of the cybersecurity and threat intelligence industries will join NCSC analysts in workshops and focus groups to exchange ideas on the growing threat landscape.
The work carried out by the community will be “a critical part of visibility and monitoring of existing and emerging threats in the UK”, the NCSC said in a press release.
Paul Chichester, chief operating officer of the NCSC, said in a statement: “Cyber defense is a giant, complex and ever-changing puzzle, with critical knowledge, skills and innovation distributed widely across industry and government. Only by working together can we achieve our collective goal of making the UK the safest place to live and work online.”
Who can join the Cyber League?
Membership of the Cyber League is voluntary, with the prerequisite that members must be demonstrably involved in cybersecurity or threat intelligence and “have a substantial connection to the UK”.
A maximum of three people from a single organization can apply to the Cyber League community, as long as they can demonstrate knowledge and experience in cybersecurity.
Interested prospective members can inquire about membership by contacting [email protected].
How the NCSC is championing cross-sector collaboration
The Cyber League will complement the NCSC's Industry 100 (i100) initiative, a program created in October 2023 to improve the UK's cybersecurity posture by fostering collaboration between the country's public and private sectors.
The i100 initiative involves seconded staff from various organizations working part-time with the NCSC, from one day a week to one day a month, bringing their expertise to various projects.
This approach brings together diverse skill sets and perspectives, according to the NCSC, enhancing the agency's ability to effectively address current and emerging cybersecurity threats.
Likewise, the Cyber League will bring together experts from the public and private sectors to exchange knowledge and experiences, with the aim of achieving a more comprehensive understanding of cybersecurity issues.
Sharing knowledge is key to improving cybersecurity, experts say
On January 16, 2024, Ollie Whitehouse, NCSC's newly appointed chief technology officer, wrote in a blog post about the need to prepare for major cybersecurity incidents by looking beyond current initiatives and building “collective resilience” that would involve combine knowledge and resources.
“We continue to operate in a world of greater competition, instability and containment than in more than 30 years; a time before when the cybernetic was material,” Whitehouse wrote.
“As such, we must go beyond the excellent work already being done […] and get ready for when the big cyber event hits organisations, the UK and the world. “Our adversaries, criminal or not, are more aggressive and technically capable than ever and show no signs of slowing down.”
Jason Keirstead, vice president of collective threat defense at threat intelligence firm Cyware, welcomed the initiative as a means for the UK to tackle cybersecurity threats on a united front.
“It is extremely encouraging to see this announcement from NCSC. As we have seen with the JCDC (Joint Cyber Defense Collaborative) program in the United States, there are tangible benefits every time the public and private sectors increase their collective defense efforts,” Keirstead said in a statement shared via email.
“Cybersecurity is a nation-wide issue and cannot be solved if industry and government work alone; we must continue to participate as frequently and widely as possible.”
NCSC identifies need for greater messaging on cyber risks
In the UK government's 2023 Cybersecurity Breach Survey, 32% of businesses and 24% of charities reported experiencing breaches or attacks in the previous 12 months, and the report also found a decrease in cyber hygiene practices, such as password policies and network firewalls, among companies.
Across all UK businesses, there were almost 2.4 million cases of cybercrime and approximately 49,000 cases of fraud as a result of cybercrime during the 12-month period, according to the report. Charities alone experienced 785,000 cybercrimes during the same period.
The report suggested that organizations that received messages from agencies such as the NCSC were more likely to take action to identify cybersecurity risks.
Rogier Fischer, CEO of security platform Hadrian, said knowledge sharing was an important part of raising awareness of cybersecurity issues. “Initiatives like Cyber League are a great way for organizations to benefit from the knowledge and expertise of the broader cybersecurity community,” Fischer said in a statement shared with TechRepublic.
He added: “The power of these groups comes from the diversity of experts they attract, allowing organizations to create stronger security strategies. “Offensive security is gaining importance because it helps organizations identify which risks threaten them and which do not.”
Additional UK news on AI cybersecurity tips and risks
Recent advances in artificial intelligence, and in particular generative AI, have placed cybersecurity at the top of political and boardroom agendas.
In September 2023, the NCSC published advice for companies to protect themselves against AI-based security breaches. In November 2023, the NCSC published guidelines on the security of artificial intelligence systems together with the US Cybersecurity and Infrastructure Security Agency and other international security agencies.
Cybersecurity was also the focus of the November AI Security Summit, where 28 countries met to discuss the risks posed by new artificial intelligence models. The summit, held in the United Kingdom, focused on the need for governments, researchers and technology companies to work together to establish global AI safety protocols and address the challenges of rapidly evolving generative AI models. .
