Cybersecurity policy, policing and intelligence bodies in the UK
Jump to navigation
Jump to search
The operational architecture of UK government cyber security is built upon a matrix of intelligence agencies, departmental units, cross-governmental committees, and strategic initiatives. The National Cyber Security Centre (NCSC) and National Cyber Force (NCF) act as primary operational hubs.
| Entity | Dates | Purpose | Intel-related? | Predecessor/Successor | Notes | |
|---|---|---|---|---|---|---|
| National Cyber Security Centre (NCSC) | 2016–present | UK's technical authority on cyber threats/incidents/advice [1] | Yes (GCHQ) | Merged CESG, CERT-UK, CCA, CPNI cyber | Part of core intel community | |
| National Cyber Force (NCF) | 2020–present | Joint offensive cyber ops vs threats [2] | Yes (GCHQ/MI6/MOD) | Successor NOCP | Samlesbury base | |
| National Protective Security Authority (NPSA) | 2023–present | Physical/personnel/holistic state-threat security [3] | Yes (MI5) | Successor CPNI (2007–2023) | Broader CNI remit | |
| Government Cyber Coordination Centre (GC3) | 2022–present | Gov-wide threat coordination/incident response | No | Under Gov Cyber Strategy | Visibility/sharing | |
| Government Security Group (GSG) / Gov Cyber Unit | Active | Overarching gov security standards (GovAssure) | No | Cabinet Office | Enforcement | |
| Central Digital and Data Office (CDDO) & GDS | Active | Secure digital baselines | No | DSIT | Infrastructure | |
| Defence Digital (ex-ISS) | Active | Military network backbone | Partial (MOD) | Corsham | Perimeter defence | |
| Cyber Defence Operations Centre (CDOC) | Active | MOD network threat mitigation | Partial (MOD) | - | Defensive ops | |
| Joint Cyber Reserve Force | 2013–present | Crisis support reservists | Partial (MOD) | - | Strategic Command | |
| Land Intelligence Assurance Group (LIAG) | Active | Tactical cyber assurance | Partial (Army) | Under Defence Digital | Worldwide | |
| National Cyber Crime Unit (NCCU) | 2013–present | Cyber crime investigation/prosecution | No (NCA collab) | - | Ransomware focus | |
| CESG | Historical | GCHQ info assurance | Yes (GCHQ) | Predecessor NCSC | Closed 2016 | |
| Office of Cyber Security and Information Assurance (OCSIA) / CGSD | Historical | 2009–2017 | Policy/funding | No | To NCSC | Cabinet Office |
| Cyber Security Operations Centre (CSOC) | 2009–2016 | Network monitoring | Yes (GCHQ) | Pre-NCSC | Testbed | |
| CERT-UK | 2014–2016 | National incident coordination | Partial | To NCSC | Dissolved | |
| GovCERTUK | Closed 2014 | Gov network response | Partial | Early CERT | Predecessors | |
| Centre for the Protection of National Infrastructure (CPNI) | 2007–2023 | CNI physical/cyber guidance | Partial (MI5) | NISCC/NSAC → NPSA | Evolved | |
| National Offensive Cyber Programme (NOCP) | Historical | Offensive coordination | Yes | To NCF | Precursor | |
| GovAssure Framework | 2023–present | Resilience assurance (CAF) | Policy | Cabinet Office | Mandatory | |
| Defence Cyber Protection Partnership (DCPP) | Active | Supply chain security | Partial | MOD/DSIT | Industry links | |
| Defence Cyber Academy (DCA) | Active | Training hub | Partial (MOD) | Shrivenham | Skills |
- Key Policies/Strategies: National Cyber Security Strategy (various, e.g. 2016–2021, 2022); Government Cyber Security Strategy 2022–2030 (underpins GC3, GovAssure).
- Committees: NSC Cyber Subcommittee (2010–), JCNSS, PAC cyber oversight.
All claims drawn from official/gov sources; NCSC, NCF, NPSA form core of modern intel-linked cyber posture.