UK has not had to face a top-level cybersecurity threat before, but National Cyber Security Centre (NCSC) is now continually preparing for what they consider to be inevitable.
“Generally a level-1 cyber attack would be a classic national emergency which the government would take very seriously and an average person on street would notice some sort of impact on his life,” said deputy director of strategy and effectiveness at NCSC, Felicity Oswald.
“It is not a question of ‘if’ but ‘when’. We know it’s going to happen,” she told in a Policy-UK forum in London on British approach to cyber security.
Most incidents are usually level-3. “These are everyday incidents to us, but are significant to UK organisations,” said Felicity Oswald.
A level-2 incident is what typically matters at a sectoral level. It is a threat which is hitting more than one company or something on a national scale.
NCSC has dealt with a “few hundred” of these incidents in the first six months of their existence, said Oswald, but she did not specify if any of those are level-2 incidents.
In response to the incidents is one of three main strategic goals of NCSC. For this very reason, the NCSC has a huge incident management team. “We do our best to support all the organisations during a cyber security attack or incident,” said Oswald.
Understanding the threats against UK organisations and the UK in great detail is also another strategic goal, but Oswald said this is not possible using the GCHQ knowledge alone.
“We also need to bring in all the knowledge available in industry and share organisational knowledge across sectors,” she said, adding that the NCSC is keen to get feedback from industry.
