The problems with patching
Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in practice.
NCSC Feed
The strength of the ICS COI is the team
1 month 2 weeks ago
Join the Industrial Control System Community of Interest (ICS COI), and help build CNI expertise across the UK.
The security benefits of modern collaboration in the cloud
1 month 2 weeks ago
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.
The problems with forcing regular password expiry
1 month 2 weeks ago
Why the NCSC decided to advise against this long-established security guideline.
The logic behind three random words
1 month 2 weeks ago
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.
The future of Technology Assurance in the UK
1 month 2 weeks ago
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.
The Cyber Assessment Framework 3.1
1 month 2 weeks ago
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
Thanking the vulnerability research community with NCSC Challenge Coins
1 month 2 weeks ago
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
Terminology: it's not black and white
1 month 2 weeks ago
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...
Telling users to ‘avoid clicking bad links’ still isn’t working
1 month 2 weeks ago
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.
Tackling the 'human factor' to transform cyber security behaviours
1 month 2 weeks ago
ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative products.
Supplier assurance: having confidence in your suppliers
1 month 2 weeks ago
Questions to ask your suppliers that will help you gain confidence in their cyber security.
Studies in secure system design
1 month 2 weeks ago
Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles
Spotlight on shadow IT
1 month 2 weeks ago
New guidance to help organisations manage rogue devices and services within the enterprise.
Smart devices: new law helps citizens to choose secure products
1 month 2 weeks ago
Download the NCSC’s point-of-sale leaflet explaining how new PSTI regulation affects consumers and retailers.
SCADA 'in the cloud': new guidance for OT organisations
1 month 2 weeks ago
If migrating SCADA solutions to the cloud, cyber security must be a key consideration for operational technology organisations.
SBOMs and the importance of inventory
1 month 2 weeks ago
Can a Software Bill of Materials (SBOM) provide organisations with better insight into their supply chains?
RITICS: Securing cyber-physical systems
1 month 2 weeks ago
Discover the Research Institute in Trustworthy Inter-connected Cyber-physical Systems.
Revolutionising identity services using AI
1 month 2 weeks ago
The ‘NCSC for Startups’ alumnus giving identity verification the 'Trust Stamp'
Researching the hard problems in hardware security
1 month 2 weeks ago
Introducing the next chapter of the NCSC research problem book, which aims to inspire research on the biggest impact topics in hardware cyber security.
Checked
2 hours 32 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed