August 2, 2024 at 06:43AM
The UK’s NCSC plans to launch ACD 2.0, a refreshed suite of cyber defense services. Specific details are yet to be revealed, but key principles include providing unique capabilities and transferring services to other government or industry partners within three years. The NCSC seeks input from various sectors for future developments, aiming to enhance national resilience against cyber threats.
Summary:
The UK’s National Cyber Security Centre (NCSC) is in the planning stages of implementing ACD 2.0, a new suite of services to refresh its existing Active Cyber Defence (ACD) program. While specifics of ACD 2.0 are currently unspecified, the guiding principles include delivering unique capabilities without market overlaps and divesting services to other government or industry partners within three years.
ACD 1.0 services such as Logging Made Easy and Protective DNS (PDNS) are already run by external partners, and the decision to divest services is not finance-driven but aims to continually add value to the market. The NCSC is seeking input from partners across government, industry, and academia for the development of capabilities and experiments for ACD 2.0. Ollie Whitehouse, CTO at the NCSC, highlighted ongoing experiments to address attack surface management solutions and emphasized the importance of driving up external resilience.
ACD targets high-volume commodity attacks and focuses on early-stage ransomware detection and prevention with its Early Warning and Mail Check services respectively. Services like Share and Defend combine capabilities to share intelligence with industry partners for proactive protections against cyber threats. ACD 2.0 continues to focus on commodity attacks and may explore imposing costs on more sophisticated threat actors.