Highlights of the National Cyber Security Centre Annual Review 2020

The NCSC was created in 2016 as part of the Government’s National Cyber Security Strategy. This Annual Review of its fourth year looks back at some of the key developments and highlights from the NCSC’s work between September 2019 and August 2020. Not all its work can be disclosed publicly but the review seeks to describe the year with insights and facts from colleagues and teams inside and out of the organisation. 

Responding to the Coronavirus Pandemic

2020 has been a year of adapting to change and the unprecedented challenge of the coronavirus pandemic. The NCSC has spent a large amount of time dedicated to responding to the pandemic, they have a multi-faceted role in giving advice to an increasingly digitally active and dependent public, fixing vulnerabilities and responding to threats emanating from the pandemic. 

In total, the NCSC responded to 723 incidents of all kinds, (a 10% rise on the previous period) with 194 of these being Covid-related. The NCSC has thwarted 15,354 campaigns that used coronavirus themes as a "lure" to fool people into clicking on links or opening attachments which would contain malicious software.

ncsc coronvirusThe NCSC’s work didn't stop there, they also supported the NHS Test and Trace programme, the work of the Joint Biosecurity Centre (JBC) and the development of the NHS COVID-19 app. 

The NCSC’s role included;

  • Supporting decisions around users’ privacy.
  • Advising on cybersecurity best practice.
  • Maintaining transparency and openness with the public.
  • Soliciting feedback from the cybersecurity community.

Leaving the European Union

The NCSC’s Digital Government team provided a wide range of information assurance services in support of the Government’s European Union (EU) Exit plans. 

The NCSC’s role included;

  • Providing advice on and reviewing multiple departmental cybersecurity health checks and penetration testing reports.
  • Briefing government trade negotiation teams on the security of their communications.
  • Supporting the Cabinet Office and HMRC in building security into new systems


Suspicious Email Reporting Service (SERS)

In partnership with the City of London Police, the NCSC has launched SERS and encouraged people to forward emails they thought could be malicious. Four months after launching, the service has received 2.3 million reports – an average of 133,000 per week.

“The NCSC’s new report and-remove function is so vital... At last, we can forward scams to [email protected] and know that someone will take action.”

Martin Lewis, founder of MoneySavingExpert.com

Cyber Essentials Certification

In April, IASME Consortium Ltd became the NCSC’s sole delivery partner for Cyber Essentials. In the last 12 months, they have awarded 17,100 Cyber Essentials Certificates.

“We were absolutely delighted to step into the role of Cyber Essentials Partner. We see the Cyber Essentials scheme already having such a positive effect on the security of UK business and the strong partnership with the NCSC allows us now to enhance the scheme to be even more effective.”

Dr Emma Philpott MBE, CEO, the IASME Consortium Ltd 

Cyber Attack Trends

While the NCSC works 24/7 with its partners to prevent cyber attacks, some will inevitably get through.

“At the NCSC, we get ahead of the cyber threats and defend critical sectors before damage is done. Thanks to our access to key intelligence, our ability to predict trends and the agility of response, we refocused many of our capabilities to focus on coronavirus related sectors this year. It’s vital that we stay ahead of threats and are able to quickly react to the threat landscape.”

Paul Chichester, NCSC Director of Operations

  • Around a quarter of the incidents, the NCSC responded to this year related to coronavirus.
  • 10% rise in the number of incidents (723 v 658), and 33% increase in the number of victims (<1200 v 900) this year compared to last.
  • The NCSC also handled more than three times as many ransomware incidents than last year.

The Cyber Resilience Centre is proud to support the critical work that the NCSC deliver and we actively promote their guidance materials for small businesses.

You can read the full NCSC Annual Review 2020 and learn more about how the NCSC is making the UK the safest place to live and work online here

Did you miss the news?