UK's National Cyber Security Centre needs its posh Westminster digs, says Cabinet Office, because of WannaCry Parliamentary criticism of the National Cyber Security Centre's "image over cost" London HQ is being shrugged off by the government because of the GCHQ offshoot's successful response to the WannaCry ransomware outbreak. George "Eleventy Jobs" Osborne, who at the time of NCSC's establishment in 2016 was the Chancellor of the …
the Cabinet Office said GCHQ had since set up "an internal Commercial and Legal Oversight Group" to ensure blah, blah, blah, blah, blah ...
For short, a committee has been set up. What is the true definition of a FUBAR?
Wait for it, wait for it, wait for it.
A committee will let you know, in 12 months time, a draft report of the true definition of a FUBAR.
Not like a government to take the kudos for someone elses work...
Also, the cyber boys might regret wanting to be so close to Westminster... Being close means that they will get embroiled in those bun-fights.... I have worked with the CS before, and unless you are born into it - you are better off out of it - as you will loose every tussle.
Arse covering is what the UKCS does best.
Alongside its (probably largely covert) practical cyber security function, there is inevitably a big PR element, so the choice of HQ could to some extent have been dictated by this.
However in many ways it's typical of all government agencies. It's hard to contact and unresponsive when you finally succeed in doing so. It certifies top level cyber security professionals but doesn't publish a register of those certified so you can't find one except by chance. Although certifications run for several years, it keeps changing the criteria for certification every few years, so it's not clear at any moment exactly what an individual's certification means. It has an entirely script driven web site (a self-declared "app") that can only be viewed if you turn off all security controls in your browser (you can't even see contact information with scripts disabled). The list goes on and on... This is just what we've come to expect from governments, but in most cases it's a bit less critical as we head towards an entirely "digital" society.
For businesses they actually do quite a lot - there are a series of industry-specific forums (CiSP) to share information and intelligence about current and emerging threats, and they have a very handy service called Early Warning where you can register your domain names and IP subnets to receive early warning information if they appear on a number of blacklists, including several that aren't commercially available.
I'd strongly encourage any sysadmin to get their company to register with Early Warning (https://www.ncsc.gov.uk/information/early-warning-service). CiSP is less convenient for small businesses but again I'd say essential for anyone who is part of an IT Security team or has sufficient spare resource to spend the time monitoring the forums.
Posting from a former civil servant who using to work at Spy Central*.
For engineering & IT, you got a basic income (Hr bod / Manager HR bod/ etc) + Technology extra income.
This equated to ~mid market rate.
However, every ~9 years, a hr or beancounter would reset the Technology extra income to zero for all. Although you wouldn't lose any money, you would be marking time. Usually the bright bods would leave (especially the single ones). After 3 years (and probably the hr/beancounter has moved on), management will pick up on the fact that engineering & IT are haemorrhaging staff, so put back the Technology extra income.
* Reported by Gloucestershire Echo
One thing that's been shown repeatedly when moving government departments out to the sticks.
While it may indeed save money, everyone who's not utterly shit and can thus easily get another job convenient to where they are, tells 'em to shove their relocation where the sun shineth. The invariable result is a much cheaper department now staffed solely by time-serving losers, many of whom are then promoted using the Peter Principle to fill the gaps in the organisation.
They then proceed to backfill using local hire and find out the hard way why the office space was so cheap...
Yes because Shoreditch and Canary wharf are sooooo far away from Central London.
7 stops on the Jubilee line gets you from Westminster to Canary Wharf.
9 Stops on the Circle/District line gets you to Liverpool Street which coupled with a 10minute walk gets you to Shoreditch high street.
So maybe 20 minutes travel time total. Considering that no one below the rank of Executive lives within 5km of Westminster and as such your average workers are already coming from somewhere else in London, which probably has better connections to Liverpool Street/Shoreditch or Canary Wharf, then I doubt you would see a mass exodus as if you were moving to say Royal Tunbridge Wells (for example).
NCSC used to be in Palmer Street[1]. Also, needed to near MI5 & MI6 (apparently).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
