
Early Warning
Free NCSC service that alerts organisations to potential cyber incidents affecting their networks; made mandatory for UK Cyber Resilience Pledge signatories.
Last refreshed: 29 May 2026 · Appears in 1 active topic
How does enrolment in NCSC Early Warning reduce cyber risk for UK organisations?
Timeline for Early Warning
Mentioned in: UK cyber bill drops payment regime
Cybersecurity: Threats and DefencesMade mandatory for Cyber Resilience Pledge signatories
Cybersecurity: Threats and Defences: UK cyber sector clears 14.7bn poundsWhat is NCSC Early Warning and how do I sign up?
What does the Cyber Resilience Pledge require about Early Warning?
Is NCSC Early Warning suitable for small businesses?
Background
Early Warning became a mandatory commitment in the voluntary Cyber Resilience Pledge announced by DSIT in May 2026. The Pledge asks signatories to enrol in Early Warning as one of three core commitments alongside appointing a board-level cyber lead and attaining Cyber Essentials across supply chains. The Pledge launch coincided with the UK cyber sector's £14.7 billion annual revenue figures, framing it as both a growth enabler and a risk-reduction measure for the broader economy.
Early Warning is a free service run by the NCSC that alerts UK organisations to threats and vulnerabilities affecting their own IP address ranges and domains. It ingests threat-intelligence feeds, NCSC honeypot data, and partner data (including Shadowserver Foundation) to detect botnets, scanning activity, malware command-and-control traffic, and newly disclosed vulnerabilities affecting enrolled organisations' assets. Alerts are sent by email or API. Enrolment requires proof of domain or IP ownership. The service is available to any UK-registered organisation.
Early Warning sits at the base of the NCSC's proactive defence architecture, designed to extend professional-grade threat notification to organisations that cannot afford commercial threat-intelligence subscriptions. Its inclusion in the Resilience Pledge reflects the NCSC's strategy of using free services as a lever to improve national baseline cyber posture, particularly among SMEs and NHS-adjacent suppliers that are frequently targeted but under-resourced.