Strengthening Cyber Resilience: How NCSC Offers Free Tools through Active Cyber Defence Empowering UK Organisations
Guest blog by Anu Malhotra, Cyber Apprentice at MOD Cyber Industry Team
The NCSC’s mission is to make the UK the safest place to live and work online. As part of this mission, the NCSC defends the UK’s digital society and empowers organisations to improve their cyber resilience, to proactively protect themselves as cyber threats grow more sophisticated. According to the UK Government’s Cyber Security Breaches Survey 2025, 43% of UK businesses reported experiencing a cyber-attack or breach in the past year, yet only 15% conducted a cyber health check or audit. As threats continue to evolve, the need for robust, accessible defences is clearer than ever.
Active Cyber Defence (ACD) services help you to protect your organisation's critical services from cyber attacks, manage major incidents and improve the underlying security of the internet.
ACD significantly enhances the UK’s cyber resilience by providing free, effective tools that help organisations focus their resources on more complex threats, reducing overall risk from high-volume attacks.
Imagine instant self-service security checks, alerts before attacks hit, and expert-backed protection like email security assessments and malicious website takedowns-all at your fingertips. Signing up is simple: choose your ACD services through the NCSC, follow the clear guidance, and start using these free tools to safeguard your business and outsmart cyber criminals today.
- Early Warning: Adoption rose 29%. The NCSC flagged 181,180 vulnerable systems and issued alerts for malware infections on 117,700 IPs and 47,739 compromised servers, helping organisations stay ahead of threats. See video here
- Check Your Cyber Security: Usage jumped 82%, with over 33,000 IP checks uncovering 7,300+ vulnerabilities. Of 25,800 browser checks (up 76%), a third found out-of-date browsers, showing how risks can accumulate without proactive monitoring.
- Suspicious Email Reporting Service (SERS): Since April 2020, over 34.4 million reports have led to the removal of 351,000 scam URLs.
Key ACD Services
ACD offers a robust set of tools and services, including:
Self-Service Checks
These tools allow organisations to proactively assess and improve their own cyber culture:
- Check Your Cyber Security: Instantly assess your cyber security, including email standards, website/IP vulnerabilities and browser updates, without registration.
- Early Warning: Tailored alerts about attacks, vulnerabilities, or suspicious activity, analysing millions of daily data points for thousands of organisations.
- Exercise in a Box: Free online incident response exercises.
- Mail Check: Assess DMARC, SPF, MTA-STS, and inbound TLS policies (with some features discontinued from March 2025). Please see table below for reference.
|
Feature
|
Included (2025)
|
Discontinued (2025)
|
|
DMARC policy checks
|
✔
|
|
|
SPF policy checks
|
✔
|
|
|
MTA-STS policy checks
|
✔
|
|
|
Inbound TLS configuration
|
✔
|
|
|
DMARC aggregate reporting
|
|
✔
|
|
DMARC insights
|
|
✔
|
|
DKIM checks
|
|
✔
|
|
TLS-RPT monitoring
|
|
✔
|
Detections Deployed by Organisations
Organisations integrate services in this category into their environment to provide a protection or detection capability.
- Vulnerability disclosure: Amongst other services they have a vulnerability disclosure toolkit. Which guides organisations in setting up a clear, accessible process for reporting vulnerabilities. See video here
Disrupt and Defend
These tools and services work to block or disrupt malicious activity before it can impact organisations:
Why Choose ACD?
- Free and scalable for organisations of all sizes
- Automated, proactive threat detection and mitigation.
- User-friendly, requiring no deep cybersecurity expertise.
- Collaborative and transparent, fostering collective defence.
- Evidence-based, with continual improvement based on real-world data.
Get Involved: Strengthen Your Cyber Resilience Today
Cybersecurity is a collective responsibility. By adopting Active Cyber Defence, your organisation can:
- Reduce its exposure to common cyber threats.
- Build trust with customers and stakeholders.
- Contribute to the overall resilience of the UK’s digital ecosystem.
Join the growing community of organisations benefiting from the NCSC’s world-leading cyber defence capabilities. Explore ACD today and take a proactive step towards a safer digital future.
Read more: The Next Generation: Active Cyber Defence 2.0
Get ready for a new era in cyber defence. Active Cyber Defence 2.0 (ACD 2.0) is here to shake up the way the UK tackles online threats. Building on years of success, ACD 2.0 promises next-generation tools and services, designed to outsmart the latest cyber criminals and fill gaps the commercial market can’t yet reach. This is more than an upgrade: it is a bold call for partnership across government, industry, and academia, with experiments and innovation at its core. Want to be part of the future of cyber resilience? Discover what is coming and how you can get involved.
Sign up Here
Cyber Resilience Programme activities
techUK brings together key players across the cyber security sector to promote leading-edge UK capabilities, build networks and grow the sector. techUK members have the opportunity to network, share ideas and collaborate, enabling the industry as a whole to address common challenges and opportunities together. Visit the programme page here.
Upcoming events
Latest news and insights
Learn more and get involved
Cyber Resilience updates
Sign-up to get the latest updates and opportunities from our Cyber Resilience programme.
Meet the team
Jill Broom
Head of Cyber Resilience, techUK
Jill leads the techUK Cyber Security programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
- Email:
- [email protected]
- Website:
- www.techuk.org/
- LinkedIn:
- https://www.linkedin.com/in/jill-broom-19aa824
Read lessmore
Annie Collings
Programme Manager, Cyber Resilience, techUK
Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023.
In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.
Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.
- Email:
- [email protected]
- Twitter:
- anniecollings24
- LinkedIn:
- https://www.linkedin.com/in/annie-collings-270150158/
Read lessmore
Tracy Modha
Programme Marketing Assistant for Public Sector Markets, techUK
Tracy supports the marketing of several areas at techUK, including Cyber Exchange, Central Government, Cyber Resilience, Defence, Education, Health and Social Care, Justice and Emergency Services, Local Public Services, Nations and Regions and National Security.
Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!
Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!
- Email:
- [email protected]
- Phone:
- 02073312000
- Website:
- www.techuk.org
- LinkedIn:
- https://www.linkedin.com/in/tracymodha83
Read lessmore
Authors
Anu Malhotra
Cyber Apprentice, MOD Cyber Industry Team
