NCSC-UK Annual Review 2018 and Active Defence

On 16 October, NCSC-UK (part of GCHQ) released their second annual review for 2018. The report is really well-written and provides insights on how large scale impact can be achieved. This is a really good example of planning and implementing a well structured and funded cyber security program and National Cyber Security Strategy.

What caught my attention is the Active Cyber Defence (ACD) services and their impact:

1. Web check – vulnerability scanning of websites

2. Protective DNS – DNS sinkholing and passive DNS usage

3. Takedown – service to take down phishing and malware sites

4. Mail check – using DMARC to prevent and detect fake emails

The impact of the ACD services can be seen below.
Screen Shot 2018-10-20 at 00.21.00

Other NCSC and governmental organisations can definitely learn from UK’s NCSC approach and methodologies used.
Read the full report here:

The podcast released is also great: six members of the NCSC team talk through the methodology behind the tactics they have deployed in more than 1,000 incidents since launching two years ago.
Podcast link:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.