The cyber security (or information assurance) community in the

United Kingdom The United Kingdom of Great Britain and Northern Ireland, commonly known as the United Kingdom (UK) or Britain, is a country in Europe, off the north-western coast of the European mainland, continental mainland. It comprises England, Scotlan ...

is diverse, with many stakeholders groups contributing to support the '' UK Cyber Security Strategy''. The following is a list of some of these stakeholders.

Government

According to a parliamentary committee the UK government is not doing enough to protect the nation against cyber attack.

Cyber Aware

Cyber Aware is a cross-government awareness and behaviour campaign which provides advice on the simple measures individuals can take to protect themselves from cyber crime.

Department for Digital, Culture, Media and Sport

The

Department for Digital, Culture, Media and Sport , type = Department , logo = Department for Digital, Culture, Media and Sport logo.svg , logo_width = , logo_caption = , seal = , seal_width = , seal_caption = , picture = Gove ...

is one of the lead government departments on cyber security policy, responsible for supporting & promoting the UK cyber security sector, promoting cyber security research and innovation, and working with the National Cyber Security Centre to help ensure all UK organisations are secure online and resilient to cyber threats.

Get Safe Online

Get Safe Online is a United Kingdom-based campaign and national initiative to teach citizens about basic computer security and

internet privacy Internet privacy involves the right or mandate of personal privacy concerning the storing, re-purposing, provision to third parties, and displaying of information pertaining to oneself via Internet. Internet privacy is a subset of data privacy. Pr ...

National Crime Agency (NCA)

The

National Crime Agency The National Crime Agency (NCA) is a national law enforcement agency in the United Kingdom. It is the UK's lead agency against organised crime; human, weapon and drug trafficking; cybercrime; and economic crime that goes across regional and in ...

(NCA) hosts the law enforcement cyber crime unit, incorporating the

Child Exploitation and Online Protection Centre A child ( : children) is a human being between the stages of birth and puberty, or between the developmental period of infancy and puberty. The legal definition of ''child'' generally refers to a minor, otherwise known as a person younger ...

National Cyber Force (NCF)

The National Cyber Force consolidates offensive cyber capabilities from the Ministry of Defence and

GCHQ Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the Uni ...

National Cyber Security Centre

The National Cyber Security Centre is the UK’s authority on cyber security; its parent organisation is

. It absorbed and replaced CESG (the information security arm of GCHQ) as well as the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of the

Centre for the Protection of National Infrastructure The Centre for the Protection of National Infrastructure (CPNI) is the United Kingdom government authority which provides protective security advice to businesses and organisations across the national infrastructure. Their advice aims to reduc ...

(CPNI). NCSC provides advice and support for the public and private sector in how to avoid cyber threats. CESG (originally Communications-Electronics Security Group) was a branch of GCHQ which worked to secure the communications and information systems of the government and critical parts of UK national infrastructure. The Centre for the Protection of National Infrastructure (CPNI) provided protective security advice to businesses and organisations across the national infrastructure.

National Security Council

The National Security Council is a Cabinet committee tasked with overseeing all issues related to national security, intelligence coordination, and defence strategy.

Office of Cyber Security and Information Assurance

The

Office of Cyber Security and Information Assurance An office is a space where an organization's employees perform administrative work in order to support and realize objects and goals of the organization. The word "office" may also denote a position within an organization with specific du ...

(OCSIA) supports the Minister for the Cabinet Office, the Rt Hon

Francis Maude Francis Anthony Aylmer Maude, Baron Maude of Horsham, (born 4 July 1953) is a British Conservative Party politician and life peer who served as Minister of State for Trade and Investment from 2015 to 2016, having previously served as Minis ...

MP and the National Security Council in determining priorities in relation to securing cyberspace. The unit provides strategic direction and coordinates action relating to enhancing cyber security and information assurance in the UK. The OCSIA is headed by James Quinault.

Trustworthy Software Initiative

The Trustworthy Software Initiative (TSI) is a UK public good activity, sponsored by the UK government's

, aimed at 'making software better'.

Warning, Advice and Reporting Points (WARPs)

Warning, Advice and Reporting Points (

WARP Warp, warped or warping may refer to: Arts and entertainment Books and comics * WaRP Graphics, an alternative comics publisher * ''Warp'' (First Comics), comic book series published by First Comics based on the play ''Warp!'' * Warp (comics), a ...

s) provide a trusted environment where members of a community can share problems and solutions.

Professional bodies and industry groups

UK Cyber Security Forum

The

UK Cyber Security Forum The UK Cyber Security Forum is a social enterprise spanning the United Kingdom, representing small and medium-sized enterprises (SMEs) in the UK cyber sector. It is divided up into 20 regional cyber clusters which provide free membership and event ...

is a social enterprise representing cyber SME's (Small and Medium Enterprise) in the UK. The forum is composed of 20 regional cyber clusters around the UK. Each cluster is run as a subsidiary of the UK Cyber Security Forum and all are operated by groups of volunteers. They provide events around the UK to engage the public in

cyber security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...

and to provide continued professional development to cyber professionals. The official clusters are:

ADS" \n\nads.txt (Authorized Digital Sellers) is an initiative from IAB Technology Laboratory. It specifies a text file that companies can host on their web servers, listing the other companies authorized to sell their products or services. This is des ...

is a trade organisation for companies operating in the UK aerospace, defence, security and space industries.

Business Continuity Institute (BCI)

The

Business Continuity Institute The Business Continuity Institute (BCI) was established in 1994 by Andrew Hiles and others, evolving from the Survive Group - a network of disaster recovery and business continuity experts. The Institute's initial vision was to enable individual ...

(BCI) was established in 1994 to enable individual members to obtain guidance and support from fellow business continuity practitioners. BCI has a six certification standards to ensure individual practitioners literacy in organizations, responses, and other strategies.

Council of Registered Ethical Security Testers (CREST)

Not for profit accreditation and certification organization. CREST does not have its own study material and leverage on 3rd party coursework so that the member can become certified. As of 24/8/2022, the cost of CREST membership is 5000GBP for Membership of one country Chapter and 25000GBP for a regional membership. On two occasions between 2012 and 2014, the examination-related activities of one of more NCC Group employees and candidates breached the CREST Code of Conduct and NCC Group was, as their employer, vicariously responsible for those individuals at the time

Crypto Developers Forum

The CDF promotes the global interests of the UK crypto development industry.

Information Assurance Advisory Council (IAAC)

The Information Assurance Advisory Council (IAAC) works across industry, government and academia towards ensuring the UK’s information society has a robust, resilient and secure foundation. The IAAC was set up by

Baroness Neville-Jones Baron is a rank of nobility or title of honour, often hereditary, in various European countries, either current or historical. The female equivalent is baroness. Typically, the title denotes an aristocrat who ranks higher than a lord or knig ...

who chaired the organisation until 2007, handing over to the current chairman Sir

Edmund Burton Lieutenant-General Sir Edmund Fortescue Gerard Burton KBE (born 20 October 1943) is a former British Army officer who became Deputy Chief of the Defence Staff (Systems). Military career Educated at Cheltenham College and Trinity Hall, Cambri ...

. Affiliates include

BT Group BT Group plc ( trading as BT and formerly British Telecom) is a British multinational telecommunications holding company headquartered in London, England. It has operations in around 180 countries and is the largest provider of fixed-line, bro ...

Northrop Grumman Northrop Grumman Corporation is an American multinational aerospace and defense technology company. With 90,000 employees and an annual revenue in excess of $30 billion, it is one of the world's largest weapons manufacturers and military techn ...

, QinetiQ,

Raytheon Raytheon Technologies Corporation is an American multinational aerospace and defense conglomerate headquartered in Arlington, Virginia. It is one of the largest aerospace and defense manufacturers in the world by revenue and market capitali ...

PwC PricewaterhouseCoopers is an international professional services brand of firms, operating as partnerships under the PwC brand. It is the second-largest professional services network in the world and is considered one of the Big Four accounting ...

O2 UK O₂ UK (legally incorporated as Telefonica UK Limited, stylized as O₂) is a British telecommunications services provider, headquartered in Slough, England. It operates under the O2 brand. It is owned by Virgin Media O2, a 50:50 joint ventu ...

Ultra Electronics Ultra Electronics Holdings is a British defence and security company. It was listed on the London Stock Exchange and was a constituent of the FTSE 250 Index until it was acquired by Cobham, which is itself owned by Advent International. Histo ...

and GlaxoSmithKline. The 2012/13 work programme focused on consumerisation and its effects on information assurance.

Information Assurance Collaboration Group (IACG)

The IACG was formed following the UK's national IA conference in 2006. The IACG encourages greater collaboration between the commercial supply base for

information assurance Information assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information. Information assurance includes protection of the integrity, availability, authenticity, ...

products and services operating within the UK public sector. Stakeholders include CESG, BIS, the Office of Cyber Security and Information Assurance ( OCSIA), Cyber Security Operations Centre (CSOC), and the CPNI. The group maintains the UK information assurance community map, hosted on the CESG's web site. It has two co-chairs: Colin Robbins of

Nexor Nexor Limited is a privately held company based in Nottingham, providing product and services to safeguard government, defence and critical national infrastructure computer systems. It was originally known as X-Tel Services Limited. History Ne ...

and Ross Parsell of Thales. The IACG ceased operation in 2014.

Information Systems Security Association (ISSA)

The

Information Systems Security Association Information Systems Security Association (ISSA) is a not-for-profit, international professional organization of information security professionals and practitioners. It was founded in 1984, after work on its establishment started in 1982. ISSA pro ...

(ISSA) is a not-for-profit, international professional organization of information security professionals and practitioners. There is a UK chapter.

Institute of Information Security Professionals (IISP)

The

Institute of Information Security Professionals The Chartered Institute of Information Security (CIISec), formerly the Institute of Information Security Professionals (IISP), is an independent, not-for-profit body governed by its members, with the principal objective of advancing the professio ...

(IISP) is an independent, non-profit body governed by its members, with the principal objective of advancing the professionalism of information security practitioners and thereby the professionalism of the industry as a whole.

ISACA

ISACA ISACA is an international professional association focused on IT (information technology) governance. On its IRS filings, it is known as the Information Systems Audit and Control Association, although ISACA now goes by its acronym only.

is an international professional association that deals with IT governance. Previously known as the Information Systems Audit and Control Association.

(ISC)²

(ISC)² The International Information System Security Certification Consortium, or (ISC)2, is a non-profit organization which specializes in training and certifications for cybersecurity professionals. It has been described as the "world's largest IT secu ...

is the International Information Systems Security Certification Consortium is a non-profit organization which specializes in information security education and certifications.

NDI UK

NDI is a former government-funded organisation building supply chains for the MOD and manufacturers using SMEs in the United Kingdom.

TechUK

: TechUK, formerly known as Intellect, is a UK

trade association A trade association, also known as an industry trade group, business association, sector association or industry body, is an organization founded and funded by businesses that operate in a specific industry. An industry trade association partic ...

for the technology industry. It has a

Cyber Security Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...

Group focused on “high threat” areas – including defence, national security and resilience, protection of critical national infrastructure, intelligence, and organised crime, chaired by Dr Andrew Rogoyski of

Roke Manor Research Roke Manor Research Limited is a British company based at Roke Manor near Romsey, Hampshire, which conducts research and development in the fields of communications, networks, electronic sensors, artificial intelligence, machine learning, data ...

. The Security and Resilience Group works to build relationships between the technology industry and policymakers, customers and end users, and is chaired by Stephen Kingan of

Tigerscheme

Tigerscheme is a commercial certification scheme for technical security specialists, backed by university standards and covering a wide range of expertise. Tigerscheme is CESG certified in the UK and candidates are subject to an independent rigorous academic assessment authority. Tigerscheme was founded in 2007 on the principle that a commercial certification scheme run on independent lines would give buyers of security testing services confidence that they were hiring a recognised and reputable company. In June 2014 the operational authority for Tigerscheme was transferred to USW Commercial Services Ltd.

UK Cloud Pooled Audit Group (UK CPAG)

UK CPAG is a membership organisation consisting of the UK's largest banks. Established in 2020 with a mission to use the collective power of the banks to audit Cloud Service Providers such as Google, Amazon and Microsoft. The group is operated by the

Worshipful Company of Information Technologists The Worshipful Company of Information Technologists, also known as the Information Technologists' Company, is one of the livery companies of the City of London. The company was granted livery status by the Court of Aldermen on 7 January 1992, ...

UK Council for Electronic Business

: UKCeB is a not-for-profit, membership organisation whose mission is to transform secure information sharing for through life collaboration in defence acquisition and support.

British Computer Society (BCS)

The British Computer Society (BCS) is a professional body and a learned society that represents those working in information technology both in the United Kingdom and internationally. It has a security, data and privacy group.

Cyber Scheme

The Cyber Scheme is a not for profit professional examination body under contract to the National Cyber Security Centre to provide technical exams in support of the Governments assured Penetration testing company scheme CHECK. The exams are independent and rigorous and are conducted for Practitioner Team member level and Team leader levels.

Association of Cyber Forensics and Threat Investigators (ACFTI)

The Association of Cyber Forensics and Threat Investigators (ACFTI) is a not-for-profit, international professional organization focusing on the academics and research of cybersecurity, digital forensics, incident response, and threat investigations and their influence to the society. The vision of the Association is to promote research and education in cybersecurity, digital forensics, incident response, and threat investigations fields and to contribute to the creation and dissemination of knowledge and technology in these domains.

Academic

Academic Centres of Excellence in Cyber Security Research

NCSC has accredited several Academic Centres of Excellence in Cyber Security Research: * Queen's University Belfast *

University of Birmingham The University of Birmingham (informally Birmingham University) is a Public university, public research university located in Edgbaston, Birmingham, United Kingdom. It received its royal charter in 1900 as a successor to Queen's College, Birmingha ...

University of Bristol , mottoeng = earningpromotes one's innate power (from Horace, ''Ode 4.4'') , established = 1595 – Merchant Venturers School1876 – University College, Bristol1909 – received royal charter , type ...

University of Cambridge The University of Cambridge is a public collegiate research university in Cambridge, England. Founded in 1209 and granted a royal charter by Henry III in 1231, Cambridge is the world's third oldest surviving university and one of its most pr ...

* Cardiff University *

De Montfort University De Montfort University Leicester (DMU) is a public university in the city of Leicester, England. It was established in accordance with the Further and Higher Education Act in 1992 as a degree awarding body. The name De Montfort University was tak ...

University of Edinburgh The University of Edinburgh ( sco, University o Edinburgh, gd, Oilthigh Dhùn Èideann; abbreviated as ''Edin.'' in post-nominals) is a public research university based in Edinburgh, Scotland. Granted a royal charter by King James VI in 15 ...

University of Kent , motto_lang = , mottoeng = Literal translation: 'Whom to serve is to reign'(Book of Common Prayer translation: 'whose service is perfect freedom')Graham Martin, ''From Vision to Reality: the Making of the University of Kent at Canterbury'' ...

* King's College London * Lancaster University *

Imperial College London Imperial College London (legally Imperial College of Science, Technology and Medicine) is a public research university in London, United Kingdom. Its history began with Prince Albert, consort of Queen Victoria, who developed his vision for a cu ...

University College London , mottoeng = Let all come who by merit deserve the most reward , established = , type = Public research university , endowment = £143 million (2020) , budget = ...

* Royal Holloway, University of London * Newcastle University * Northumbria University *

University of Oxford , mottoeng = The Lord is my light , established = , endowment = £6.1 billion (including colleges) (2019) , budget = £2.145 billion (2019–20) , chancellor ...

University of Southampton , mottoeng = The Heights Yield to Endeavour , type = Public research university , established = 1862 – Hartley Institution1902 – Hartley University College1913 – Southampton University Coll ...

* University of Surrey *

University of Warwick , mottoeng = Mind moves matter , established = , type = Public research university , endowment = £7.0 million (2021) , budget = £698.2 million (2020� ...

University of South Wales Information Security Research Group

The Information Security Research Group (ISRG) at the

University of South Wales The University of South Wales ( cy, Prifysgol De Cymru) is a public university in Wales, with campuses in Cardiff, Newport and Pontypridd. It was formed on 11 April 2013 from the merger of the University of Glamorgan and the University of Wa ...

is a multidisciplinary team of academics and industrial experts focusing upon cyber security. In particular the group is focusing upon: * Network security * Intrusion detection and wireless security * Penetration testing and vulnerability assessment * Computer forensics and digital evidence visualisation * Threat assessment and risk management

De Montfort University Cyber Security Centre

The Cyber Security Centre (CSC) at

is a multidisciplinary group of academics who focus on a wide variety of cyber security and digital forensics issues. The Centre's mission is to provide the full benefits to all of a safe, secure and resilient cyberspace.

References

{{reflist, 25em Computer security organizations Cybercrime in the United Kingdom Internet in the United Kingdom