NCSCs Cyber Security Foundation

Overview

Cyber Security Foundation has been developed by and is under license from the National Cyber Security Centre (NCSC) and is exclusively available through QA.

Understand the landscape.

Recognise threats.

Respond with confidence.

Cyber threats are growing in pace and complexity – and awareness at every level is vital.

The Cyber Security Foundation course is designed for professionals working in or with government who need to build core cyber knowledge and skills. Delivered face-to-face by industry experts, it combines national guidance with real-world scenarios to deepen understanding and strengthen first-line defences.

Across four immersive days, learners explore the foundations of cyber security – from threat types and attack vectors to incident response and national policy.

With a focus on practical application, the course equips participants to spot vulnerabilities, reduce risk, and support stronger cyber decision-making.

Whether learners are new to cyber or want to build confidence, this course will help you explore real-world scenarios and national guidance, gaining the awareness needed to help protect organisations and support the UK’s cyber resilience.

Prerequisites

No prior technical knowledge is required.

Target Audience

This course is for UK government department employees only who require a foundational understanding of cyber security.

If this is not you, please consider our Foundation Certificate in Cyber Security (QAFCCS) course which is also NCSC accredited.

Objectives

• Strengthen your cyber awareness in a national security context.
• Understand current and emerging threats facing the UK.
• Build confidence in identifying, preventing and responding to attacks.
• Learn directly from NCSC-aligned guidance and frameworks.
• Support your department’s risk management, compliance and governance goals.

Outline

Over four immersive days, learner’s will explore:

Pillar 1 – Landscape

• Types of threats and threat actors
• Role of the NCSC and UK Cyber Security Strategy
• National and international regulation and standards
• Cyber risk management and governance

Pillar 2 – Technology

• Network components and vulnerabilities
• Malware types and notable attacks
• Internet of Things and system weaknesses

Pillar 3 – Prevention

• Key protective actions for individuals and teams
• Encryption and cloud security basics
• Managing your personal digital footprint

Pillar 4 – Response

• Signs of an attack and reporting processes
• Monitoring tools and response channels
• UK law enforcement and case studies of prosecutions