Britain's National Cyber Force Reveals Its Operating Doctrine

Established in 2020, Britain's National Cyber Force (NCF) is a partnership between GCHQ and the Ministry of Defence which carries out daily cyber operations to protect against threats to the UK, support foreign policy, support military operations and prevent serious crime.

Following the publication of the Government’s Integrated Review Refresh (IRR) in March 2023, the publication of a new document titled ‘NCF: Responsible Cyber Power in Practice’ last week delivers on the commitment in the IRR to be as transparent as possible about the NCF’s cyber capabilities and provide clarity on how the UK acts as a responsible and democratic cyber power.

Britain is committed to international stability and security, and illustrating how states can act responsibly in cyberspace through demonstrating how the NCF’s operations are accountable, precise and calibrated. This, the governmnet claims, is in contrast to the 'reckless and indiscriminate activities' of those who would do harm to the UK and its allies.

All of the NCF’s operations are conducted in a legal and ethical manner, in line with domestic and international law and our national values. The operations are based on a deep understanding of the cyber environment, which enables NCF to design, time and target them with precision.

Central to the NCF’s approach is the ‘doctrine of cognitive effect’ - using techniques that have the potential to sow distrust, decrease morale, and weaken our adversaries’ abilities to plan and conduct their activities effectively. This can include preventing terrorist groups from publishing pieces of extremist media online or making it harder for states to use the Internet to spread disinformation by affecting their perception of the operating environment.

The NCF’s work is secret and it does not reveal details of individual operations, however, the intent is sometimes that adversaries do not realise that the effects they are experiencing are the result of a cyber operation. This ambiguity can help to amplify the cognitive effect.

Despite the necessary level of secrecy it can be disclosed that over the last three years the NCF has delivered operations to:

  • Protect military deployments overseas.
  • Disrupt terrorist groups.
  • Counter sophisticated, stealthy and continuous cyber threats.
  • Counter state disinformation campaigns.
  • Reduce the threat of external interference in democratic elections.
  • Remove child sexual abuse material from public spaces online.

In an increasingly volatile and interconnected world, to be a truly responsible cyber power, nations must be able to contest and compete with adversaries in cyberspace.

The National Cyber Force complements the UK’s world class cyber resilience to give the country  operational cyber capabilities at the scale needed to protect our free, open, and peaceful society.

With the threat growing and the stakes higher than ever before, the British government hope its new policy document provides a benchmark for the UK’s approach and a basis for like-minded governments to come together to establish a shared vision and values for the responsible use of cyber operations.

Gov.UK:        Gov.UK:       

You Might Also Read:

Britain's New Security Agency To Counter Chinese Hacking:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« The Dark Side Of The New Dawn In AI
Increasing Cyber Attacks On Critical Infrastructure »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

JumpCloud

JumpCloud

JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business’s employees and the systems and IT resources they need.

Cyberlytic

Cyberlytic

Cyberlytic applies artificial intelligence to combat the most sophisticated of web application threats, addressing the growing problem of high volumes of threat data.

AcceptLocal

AcceptLocal

AcceptLocal is a payments industry consultancy with expertise in payment processing, payment security, anti-money laundering and fraud prevention.

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

Aptible

Aptible

Security Management and Compliance for Developers. Aptible helps teams pass information security audits and deploy audit-ready apps and databases.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

Allthenticate

Allthenticate

Allthenticate Single Device Authentication (SDA), enables seamless authentication in both the physical and digital words while unifying management in one easy-to-use interface.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

apiiro

apiiro

apiiro invented the industry-first Code Risk Platform™ that uses developers and code behavior analysis to accelerate delivery and automatically remediate product risk.

TekSek Cyber Security

TekSek Cyber Security

Preparing you for tomorrow's security threats.

NXTsoft

NXTsoft

NXTsoft’s solutions help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability, and mitigate cybersecurity risk.

Gulf Business Machines (GBM)

Gulf Business Machines (GBM)

GBM is a leading end-to-end digital solutions provider, offering the broadest portfolio, including industry-leading digital infrastructure, digital business solutions, security and services.

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

Fulcrum IT Partners

Fulcrum IT Partners

Fulcrum IT Partners is the parent company of an expanding portfolio of established IT solution companies around the world with proven expertise in cyber security, cloud, and managed services.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center is a state-of-the-art facility to deliver advanced cyber training programs and build the next generation of Azerbaijan’s cybersecurity professionals.