NCSC Active Cyber Defence 2.0 refresh looks to tailor services to the security market and threat landscape
The NCSC plans to update its Active Cyber Defence program, introducing a refresh to keep the initiative up to date with the current threat landscape
The National Cyber Security Centre (NCSC) has announced it will refresh its Active Cyber Defence (ACD) program, with a second iteration of the initiative to help organizations stay secure in a new era of cyber threats.
The first generation of the Active Cyber Defence program was launched in 2016, seeking to reduce the harm caused by cyber criminals leveraging prepackaged malicious tools and services available on underground hacking forums, known as commodity attacks.
The ACD comprises a collection of technical services and capabilities aimed at tackling a large swath of the cyber threats UK organizations face everyday, providing self-service checks, threat detection tools, and more.
The program was initially targeted specifically at developing services for the protection of government organizations.
But in its annual review for 2023, the NCSC said the ‘whole of society’ approach that defines the UK’s national cyber strategy meant it broadened the utility of ACD products and services to a wider range of users, from small business to the education sector.
The initiative also wanted to make it easier for users to find, sign up to, and manage the services provided in ACD, using its My NSCS platform to help bring various ACD products and services together into a single experience.
ACD 2.0 will encompass the next generation of products and services the cyber agency will provide to UK entities to help neutralize new dangers posed by a fast developing threat landscape.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
NCSC ACD 2.0 will strategically divest where is sees the market stepping up
The second generation of the ACD will also reflect how the NCSC is divesting in certain areas as it sees the private sector catching up.
The increased availability and maturity of analogous services from private service providers means the agency can step back and focus on areas where it is uniquely positioned to provide protection at scale.
Ollie Whitehouse, CTO at the NCSC said the services included in the second generation of the ACD will be delivered where the market is not able to, be that because of the NCSC’s unique position in government, ability to scale, cyber capabilities, or authority.
“It’s important that the UK’s National Cyber Security Centre focuses its efforts where we can make a uniquely valuable contribution – where we see a gap in the commercial market, or where being part of GCHQ presents a unique opportunity to drive up resilience at scale,” he wrote in his blog introducing the program.
RELATED WHITEPAPER
“The NCSC will look to divest most of our new successful services within 3 years – to another part of government or the private sector to run on an enduring basis”.
The agency will continue to work with industry partners to deliver a number of the core services offered in the ACD package, such as its attack surface management suite, comprising its Web Check, Mail Check, and Early Warning products.
Helping organizations understand and reduce their attack surface and associated vulnerabilities is one of the most efficient ways of driving up external resilience nationwide, Whitehouse stated in his blog, urging security vendors with ideas for future products to get in touch with the agency.

Solomon Klappholz is a former staff writer for ITPro and ChannelPro. He has experience writing about the technologies that facilitate industrial manufacturing, which led to him developing a particular interest in cybersecurity, IT regulation, industrial infrastructure applications, and machine learning.
-
UK’s Cyber Resilience Pledge gathers momentum as 60 firms sign up to bolster capabilitiesNews The voluntary pledge sees organizations tightening up their defences, particularly against supply-chain attacks
-
Hostile states behind three-quarters of UK critical infrastructure attacksNews NCSC CEO warns that with the rise of AI, the danger is only set to get worse
-
NCSC urges organizations to shore up supply chain security practicesNews With attackers increasingly compromising open source packages to spread malware, organizations need to be on their guard
-
A ‘perfect storm’: NCSC chief issues warning over quantum threats, nation-state hackers, and the dangers of global ‘hacktivism’News NCSC CEO Richard Horne says nation-state attacks, AI and the looming quantum threat require stronger global collaboration
-
The NCSC says it’s time to switch to passkeysNews UK security organization calls for companies to step up and offer more secure ways to login
-
NCSC issues alert over Russian hacker campaign targeting SOHO routersNews The APT28 group has exploited vulnerable internet routers to covertly reroute internet traffic through malicious servers
-
NCSC names and shames pro-Russia hacktivist group amid escalating DDoS attacks on UK public servicesNews Russia-linked hacktivists are increasingly trying to cause chaos for UK organizations
-
The NCSC touts honeypots and ‘cyber deception’ tactics as the key to combating hackers — but they could ‘lead to a false sense of security’News Trials to test the real-world effectiveness of cyber deception solutions have produced positive results so far

