Jun 25th, 2025
3 mins
The National Cyber Security Centre (NCSC) have developed an early warning system which will inform your organisation of potential cyber-attacks on your network, as soon as possible, potentially giving you the crucial time needed to combat it. Any organisation with a UK-based website can sign up for the FREE service here
Cyber security researchers will often uncover malicious activity on the internet or discover weaknesses in organisations security controls and release this information in information feeds. In addition, the NCSC or its partners may uncover information that is indicative of a cyber security compromise on a network.
The NCSC’s Early Warning uses information feeds from NCSC, trusted public, commercial and closed sources, which includes several privileged feeds which are not available elsewhere.
Two types of daily and weekly reports received directly to your email will alert your organisation about potential attacks on your network.
Organisations will receive the following high-level types of alerts, tailored to the information they registered with:
Incident Notifications
suggest an active compromise of your system.
For example: A host on your network has most likely been infected with a strain of malware.
Network Abuse Events
Indicates that your assets have been associated with malicious or undesirable activity.
For example: A client on your network has been detected scanning the internet.
Vulnerability and Open Port Alerts
Indicates vulnerable services running on your network, or potentially undesired applications are exposed to the internet.
For example: You have a vulnerable application, or you have an exposed Elasticsearch service.
Note: Early Warning does not conduct any active scanning of your networks itself but uses information from other similar networks.
