The National Cyber Security Centre (NCSC) has announced it will refresh its Active Cyber Defence (ACD) program, with a second iteration of the initiative to help organizations stay secure in a new era of cyber threats.
The first generation of the Active Cyber Defence program was launched in 2016, seeking to reduce the harm caused by cyber criminals leveraging prepackaged malicious tools and services available on underground hacking forums, known as commodity attacks.
The ACD comprises a collection of technical services and capabilities aimed at tackling a large swath of the cyber threats UK organizations face everyday, providing self-service checks, threat detection tools, and more.
The program was initially targeted specifically at developing services for the protection of government organizations.
But in its annual review for 2023, the NCSC said the ‘whole of society’ approach that defines the UK’s national cyber strategy meant it broadened the utility of ACD products and services to a wider range of users, from small business to the education sector.
The initiative also wanted to make it easier for users to find, sign up to, and manage the services provided in ACD, using its My NSCS platform to help bring various ACD products and services together into a single experience.
ACD 2.0 will encompass the next generation of products and services the cyber agency will provide to UK entities to help neutralize new dangers posed by a fast developing threat landscape.
NCSC ACD 2.0 will strategically divest where is sees the market stepping up
The second generation of the ACD will also reflect how the NCSC is divesting in certain areas as it sees the private sector catching up.
The increased availability and maturity of analogous services from private service providers means the agency can step back and focus on areas where it is uniquely positioned to provide protection at scale.
Ollie Whitehouse, CTO at the NCSC said the services included in the second generation of the ACD will be delivered where the market is not able to, be that because of the NCSC’s unique position in government, ability to scale, cyber capabilities, or authority.
“It’s important that the UK’s National Cyber Security Centre focuses its efforts where we can make a uniquely valuable contribution – where we see a gap in the commercial market, or where being part of GCHQ presents a unique opportunity to drive up resilience at scale,” he wrote in his blog introducing the program.
RELATED WHITEPAPER
“The NCSC will look to divest most of our new successful services within 3 years – to another part of government or the private sector to run on an enduring basis”.
The agency will continue to work with industry partners to deliver a number of the core services offered in the ACD package, such as its attack surface management suite, comprising its Web Check, Mail Check, and Early Warning products.
Helping organizations understand and reduce their attack surface and associated vulnerabilities is one of the most efficient ways of driving up external resilience nationwide, Whitehouse stated in his blog, urging security vendors with ideas for future products to get in touch with the agency.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
‘States don’t do hacking for fun’: NCSC expert urges businesses to follow geopolitics as defensive strategyNews Paul Chichester, director of operations at the UK’s National Cyber Security Centre, urged businesses to keep closer tabs on geopolitical events to gauge potential cyber threats.
-
Cyber attacks have rocked UK retailers – here's how you can stay safeNews Following recent attacks on retailers, the NCSC urges other firms to make sure they don't fall victim too
-
Five Eyes cyber agencies issue guidance on edge device vulnerabilitiesNews Cybersecurity agencies including the NCSC and CISA have issued fresh guidance on edge device security.
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
State-sponsored cyber crime is officially out of controlNews North Korea is the most prolific attacker, but Russia and China account for the most disruptive and tightly-targeted campaigns
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
The NCSC and FBI just issued a major alert over a state-backed hacker group – here’s what you need to knowNews State-affiliated attackers are targeting individuals via spear-phishing techniques, according to the NCSC
