Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.
How the UK is assisting other nations in forming their own versions of a National Centre for Cybersecurity (NCSC).
Dan Raywood, Senior Editor, Dark Reading
September 28, 2023
3 Min Read
Juliette Wilcox speaking at the International Cyber Expo in London.Source: Image via Dan Raywood
Juliette Wilcox, cybersecurity ambassador for the UK's Department for International Trade.
The UK's National Cybersecurity Centre opened seven years ago, and other nations have since been inspired to open similar agencies.
Juliette Wilcox, cybersecurity ambassador for the UK's Department for International Trade, recently traveled to Kuwait where the UK agreed on a deal to support the functions of the Kuwait National Center for Cybersecurity. Wilcox spoke to Dark Reading about how the Middle East and Africa, among other nations, are building their own cybersecurity strategies and opening such centers.
How are countries opening national cybersecurity agencies and centers in the image of the NCSC?
Wilcox: A number of other governments looked at and admired it and asked how do they get one? If other countries want a version of that, then the way they do it is by getting industry experts who have done this before and setting it up in a way that works for their country. But these are really complicated conversations, partly because creating anything like that — anything that touches on national security or critical national infrastructure — is something you don't just invite any old company in: you need to know that they've got credibility.
How advanced are some countries when it comes to opening these centers?
Wilcox: Different countries have approached it differently; I would say that everybody's looking at it similarly now as I think it's understood that having some kind of central [cybersecurity] authority is a good thing. Everybody thinks differently about where it should be housed: sometimes they want it housed under their Ministry of Defense or their Home Ministry or whatever the version is, and they are at different stages and thinking [about what they want] to do.
Over time, I think they will all develop and in the way that central banking authorities have effectively grown up in every country. I can see this is going to be something that if people haven't got them already, they're likely to want one.
How is the UK supporting the development of these centers?
Wilcox: The signing of the statement of intent with the government of Kuwait was after a number of years of discussion, and at this moment in time Kuwait is one of many countries around the world to have [cyber agencies] or [an] equivalent. Some don't yet, and some are still thinking about how they do it.
With Kuwait, we looked at how we can be the country that they turn to for the help, at least in setting that up and thinking it through and then developing it.
Some of [the support] is: How have you tackled certain approaches? Can we learn from your experience of creating cyber skills frameworks, or can an we learn from your experience of creating a national technical authority?
You start to develop a central authority, and this automatic question of where does it sit in government [arises]? What does it have the authority to be responsible for — or indeed dictate? Every country will think about it differently.
All we can do is explain our experience and it will help others to think through some of the things that really must happen for it to be successful.
How are these agencies and centers evolving?
Wilcox: Increasingly [the centers] have talked to each other across regions as well, and you see quite good regional collaboration. They know what they would like to have, and they know what the options are out there. We now see that the Gulf Cooperation Council has a Computer Emergency Readiness Team, for example.
About the Author(s)
With more than 20 years experience of B2B journalism, including 12 years covering cybersecurity, Dan Raywood brings a wealth of experience and information security knowledge to the table. He has covered everything from the rise of APTs, nation-state hackers, and hacktivists, to data breaches and the increase in government regulation to better protect citizens and hold businesses to account. Dan is based in the U.K., and when not working, he spends his time stopping his cats from walking over his keyboard and worrying about the (Tottenham) Spurs’ next match.
You May Also Like
Unbiased Testing. Unbeatable ResultsFeb 22, 2024
Unbiased Testing. Unbeatable ResultsFeb 22, 2024
Your Everywhere Security guide: Four steps to stop cyberattacksFeb 27, 2024
Your Everywhere Security Guide: 4 Steps to Stop CyberattacksFeb 27, 2024
API Security: Protecting Your Application's Attack SurfaceFeb 29, 2024
A screen displaying many different types of charts and graphs to show what data is being analyzed.Cybersecurity Analytics