CESG undertakes research into vulnerabilities and their potential threat to Government IT systems. Much of this research is done in-house, but we also work collaboratively with commercial organisations, academia, and independent researchers from around the world.

The vulnerability research activity helps inform CESG’s threat awareness, and the potential impact for electronic attack against Government systems. CESG, working closely with CPNI, engages with industry to resolve and mitigate the threat from identified vulnerabilities in products, protocols and systems.

CESG through its CERT function (GovCertUK) will regularly disclose information to its community, identifying possible threats, or providing technical best practice advice and guidance.