4th August 2024, Kathmandu
“Explore NCSC’s ACD 2.0, an updated Active Cyber Defense initiative featuring advanced tools to combat emerging cyber threats. Learn about the new services, industry collaboration, and plans for long-term management to enhance UK cyber resilience.”
NCSC ACD 2.0
ACD 2.0 will introduce a new suite of advanced cybersecurity tools and services designed to address gaps in the current commercial market.
Additionally, the NCSC will review its existing tools and services and consider transferring the management of these services to the private sector “where and when appropriate.”
The goal is to transition most of these successful new services within three years to another government entity or the private sector for long-term management.
More details on the divestment plans will be shared in September.
The development of ACD 2.0 is a response to the changing cyber threat landscape, including evolving phishing attacks and the types of services available in the cybersecurity commercial market.
This initiative aims to fulfill the overarching goal of ACD: to “protect the majority of people in the UK from the majority of the harm caused by the majority of cyber-attacks most of the time.”
ACD’s Success and the Need to Evolve
Launched in 2017, ACD initially offered four areas of free services to UK government departments to enhance their basic cybersecurity. These areas include:
Self-service checks: Early warning systems
Detections deployed by organizations: Protective Domain Name Service (DNS) filtering and Vulnerability Disclosure
Disrupt and defend: Suspicious Email Reporting Service (SERS) and Share and Defend Capability
Enablers: Common platforms supporting multiple ACD services
Following its success in reducing common attack vectors like phishing within the government, the program has been extended to all sectors across the UK.
The NCSC’s sixth annual ACD report in July 2023 highlighted the program’s increasing adoption and success, including a record-breaking 7.1 million reports of potentially malicious emails to SERS and a 60% increase in the use of its Mail Check service, which improves compliance with Domain-based Message Authentication, Reporting, and Conformance (DMARC) and other email anti-spoofing/privacy controls.
The NCSC acknowledged that the range of services offered via ACD has remained largely consistent since 2017, whereas private sector cyber capabilities have advanced.
Therefore, the UK government agency, part of GCHQ, indicated a need to broaden ACD’s reach, as its original services were primarily aimed at the public sector.
NCSC to Conduct Tests to Develop Services
The NCSC’s initial step is to examine its attack surface management suite, which includes Check, Mail Check, and Early Warning.
The agency will conduct experiments alongside industry providers to enhance these services.
The NCSC has also invited industry participation for any attack surface management products or ideas for future experiments.
“We want ACD 2.0 to be a partnership across the NCSC, the cybersecurity community in government, and crucially with industry and academia. Combined with our unique organization, we can have a disproportionate impact on cyber resilience at scale,” the NCSC stated in its announcement.
