23 October 2019

NCSC Annual Review 2019: The Highlights

Today, the National Cyber Security Centre (NCSC) released their 2019 Annual Review. For those that will struggle to find time to read the substantial document, we have summarised the key points to highlight the progress of the NCSC and the work that still needs to be done to protect the UK.

As said by Ciaran Martin, CEO of the NCSC: “We are learning that securing the nation’s digital future is not just about protecting networks and devices – it’s about inspiring a safe and trusted product base, and a skilled and diverse workforce who can make the cyber landscape work for the whole of the UK”.

 Statistics Highlights

  • UK share of visible global phishing attacks reduced to 2.1% (August 2019) from 5.31% (June 2016).
  • In 2016, HMRC was the 16th most phished brand globally. In September 2019, as a result of Active Cyber Defence services and HMRC countermeasures, their ranking had dropped to 126th in the world.
  • Last year, 31% of all SMEs suffered from hostile incidents: “The worst thing is that the majority of these attacks were preventable. Many of these companies are relying on a firewall and antivirus alone, often because other forms of protection are too expensive.”
  • 70% believe they will likely be a victim of at least one specific type of cybercrime over the next two years, and most feel there would be a big personal impact.
  • The NCSC took down 177,335 phishing URLs, 62.4% of which were removed within 24 hours.
  • 14,234 Cyber Essentials Certificates issued which is up 39% on previous year.

 The NCSC Enquiries Service

Cybersecurity is of growing importance, but many people do not understand the potential impact that threats can have, or how to manage them when they do. The NCSC’s Review supports this, showing that their public enquiries service dealt with 11,000 queries over the past year, representing more than 200 enquiries every week.

Cyber Defence Ecosystem 

The NCSC aims to deliver a Cyber Defence Ecosystem (CDE) sharing threat knowledge both in the UK and globally to enable both understanding and to see any potential threats before they spread.

Their goals are to:

  • Create a structured and automated ecosystem across the UK (and in time globally)
  • Share ‘our part of the puzzle’ to better defend the UK, partners and allies
  • Build and enhance threat awareness to enable better detection and defence
  • Rapidly alert enterprise victims of malicious activity

Supporting Organisations

Charities – A government survey found that many of the UK’s 180,000 charities had experienced cyber breaches, including viruses, phishing emails, ransomware attacks and identity theft. One UK charity lost £13,000 after its CEO’s email account was hacked, and a fraudulent message sent to its financial manager with instructions to release the funds.

Schools & Colleges – The NCSC spoke to over 430 schools across the UK, with 92% stating that they would welcome more cybersecurity training for teachers and staff. With this in mind, the NCSC is developing a dedicated cybersecurity training package for schools with information cards containing basic cyber hygiene to over 10,000 schools.

CyberFirst – Which aims to identify and nurture young talent and help them explore their passion for technology and gain necessary skills and overall, course applications increased by 29% with a 47% increase in the number of female applicants.

Cyber Schools Hubs statistics

  • 26 participating schools
  • 250 extra teaching hours of computer science activities delivered across four schools
  • 120 crates of educational equipment such as specialised computers, robots and games, shared by schools around the county
  • 19 organisations voluntarily participating in the project

The final word: The most used passwords

If you use Superman as your secure password you are part of a select group of 333,139 people… All joking aside, the review raises some serious questions about password security which will, in turn, remind people to reconsider their passwords.

If you would like to read the full review, download the Review here.