Effective protective security depends on the use of a variety of measures to detect, deter and delay any attack. Cyber security measures should form part of a multi-layered approach that includes physical and personnel/people security.
Information technology is increasingly integrated into everyday life – the world is a more open and connected place. Every business relies on the confidentiality, integrity and availability of its data. Our essential services rely on the integrity of cyberspace and the infrastructure, systems and data that underpin it. However cyber-related threats are one of the most significant risks to the UK, which is why cyber security is increasingly important to ensure the best protection.
The UK government has set up the National Cyber Security Centre (NCSC) to act as a unified source of advice and support on cyber security. The NCSC was officially opened on 14 February 2017 by Her Majesty The Queen.
The NCSC is the single point of contact for the private and public sectors. It brings together the capabilities developed by CPNI and CESG (the information security arm of GCHQ), CERT-UK and the Centre for Cyber Assessment.
The latest cyber security advice and guidance, including threat advice, is available on the NCSC website. Previous jointly-published publications are also available in an archive collection on the NCSC website. More information about the past, present and future of cyber security is available in the NCSC's report 'The launch of the National Cyber Security Centre.'
Further advice on physical security and personnel and people security can be found on the CPNI website by following the links under Advice. Holistic guidance which covers all three elements - cyber security, physical security, and personnel/people security - is also available on this site.
The EU Directive on the security of network and information systems (NIS) was approved in August 2016, giving Member States 21 months to embed the Directive into their respective national laws. The Directive becomes UK law in May 2018. All organisations deemed 'Operators of Essential...