Britain's National Cyber Force Reveals Its Operating Doctrine

Established in 2020, Britain's National Cyber Force (NCF) is a partnership between GCHQ and the Ministry of Defence which carries out daily cyber operations to protect against threats to the UK, support foreign policy, support military operations and prevent serious crime.

Following the publication of the Government’s Integrated Review Refresh (IRR) in March 2023, the publication of a new document titled ‘NCF: Responsible Cyber Power in Practice’ last week delivers on the commitment in the IRR to be as transparent as possible about the NCF’s cyber capabilities and provide clarity on how the UK acts as a responsible and democratic cyber power.

Britain is committed to international stability and security, and illustrating how states can act responsibly in cyberspace through demonstrating how the NCF’s operations are accountable, precise and calibrated. This, the governmnet claims, is in contrast to the 'reckless and indiscriminate activities' of those who would do harm to the UK and its allies.

All of the NCF’s operations are conducted in a legal and ethical manner, in line with domestic and international law and our national values. The operations are based on a deep understanding of the cyber environment, which enables NCF to design, time and target them with precision.

Central to the NCF’s approach is the ‘doctrine of cognitive effect’ - using techniques that have the potential to sow distrust, decrease morale, and weaken our adversaries’ abilities to plan and conduct their activities effectively. This can include preventing terrorist groups from publishing pieces of extremist media online or making it harder for states to use the Internet to spread disinformation by affecting their perception of the operating environment.

The NCF’s work is secret and it does not reveal details of individual operations, however, the intent is sometimes that adversaries do not realise that the effects they are experiencing are the result of a cyber operation. This ambiguity can help to amplify the cognitive effect.

Despite the necessary level of secrecy it can be disclosed that over the last three years the NCF has delivered operations to:

  • Protect military deployments overseas.
  • Disrupt terrorist groups.
  • Counter sophisticated, stealthy and continuous cyber threats.
  • Counter state disinformation campaigns.
  • Reduce the threat of external interference in democratic elections.
  • Remove child sexual abuse material from public spaces online.

In an increasingly volatile and interconnected world, to be a truly responsible cyber power, nations must be able to contest and compete with adversaries in cyberspace.

The National Cyber Force complements the UK’s world class cyber resilience to give the country  operational cyber capabilities at the scale needed to protect our free, open, and peaceful society.

With the threat growing and the stakes higher than ever before, the British government hope its new policy document provides a benchmark for the UK’s approach and a basis for like-minded governments to come together to establish a shared vision and values for the responsible use of cyber operations.

Gov.UK:        Gov.UK:       

You Might Also Read:

Britain's New Security Agency To Counter Chinese Hacking:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« The Dark Side Of The New Dawn In AI
Increasing Cyber Attacks On Critical Infrastructure »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Trusted Computing Group

Trusted Computing Group

TCG was formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms.

CQS (Certified Quality Systems)

CQS (Certified Quality Systems)

CQS is an organisation specialising in ISO assessment and certification, including ISO 27001, along with other management system standards.

Datto

Datto

Datto delivers a single toolbox of easy to use products and services designed specifically for managed service providers and the businesses they serve.

Karamba Security

Karamba Security

Karamba provide an IoT Security solution for ECUs in automobiles which ensures that all cars are protected (not just autonomous cars).

Maximus Consulting (MX)

Maximus Consulting (MX)

Maximus designs and delivers corporate-wide information security management system with our full-time IRCA Accredited consulting team.

Pentera Security

Pentera Security

Pentera (formerly Pcysys) is focused on the inside threat. Our automated penetration-testing platform mimics the hacker's attack - automating the discovery of vulnerabilities.

Halborn

Halborn

Elite blockchain cybersecurity. Award-winning ethical blockchain hackers to secure your stack end-to-end. Far beyond smart contracts.

Cyber7

Cyber7

CYBER7 is a National Cyber Security Innovation community initiated by Israel National Cyber Directorate, Ministry of Economy and Israel Innovation Authority led by Tech7 – Venture Studio.

Truly Secure

Truly Secure

Truly Secure is an IT Service Provider that ensures greater efficiency and security within a company's technological environment.

Visory

Visory

Great businesses depend on great technology. We make sure our clients go to market with enterprise-level technology and world-class security for their data and infrastructure.

North Green Security

North Green Security

North Green Security is a UK-based cyber security training and consultancy company.

DynTek

DynTek

DynTek delivers exceptional, cost-effective professional IT consulting services, end-to-end IT solutions and managed IT services.

MiDO Technologies

MiDO Technologies

MiDO Technologies has a mission to change the narrative around digital enabling tools on the continent of Africa and prepare African youth.

DOT Security

DOT Security

DOT Security provides advanced security services for businesses of all sizes.

Federal Office for the Protection of the Constitution (BfV)

Federal Office for the Protection of the Constitution (BfV)

The Federal Office for the Protection of the Constitution (Bundesamt für Verfassungsschutz - BfV) is the domestic intelligence services of the federal government of Germany.