The future of telecoms in the UK
NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.
NCSC Feed
So long and thanks for all the bits
4 months 2 weeks ago
Ian Levy, the NCSC’s departing Technical Director, discusses life, the universe, and everything.
TLS 1.3: better for individuals - harder for enterprises
4 months 2 weeks ago
The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.
Thinking about the security of AI systems
4 months 3 weeks ago
Why established cyber security principles are still important when developing or implementing machine learning models.
There's a hole in my bucket
4 months 3 weeks ago
...or 'Why do people leave sensitive data in unprotected AWS S3 buckets?'
The problems with patching
4 months 3 weeks ago
Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in practice.
The strength of the ICS COI is the team
4 months 3 weeks ago
Join the Industrial Control System Community of Interest (ICS COI), and help build CNI expertise across the UK.
The security benefits of modern collaboration in the cloud
4 months 3 weeks ago
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.
The problems with forcing regular password expiry
4 months 3 weeks ago
Why the NCSC decided to advise against this long-established security guideline.
The logic behind three random words
4 months 3 weeks ago
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.
The future of Technology Assurance in the UK
4 months 3 weeks ago
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.
The Cyber Assessment Framework 3.1
4 months 3 weeks ago
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
Thanking the vulnerability research community with NCSC Challenge Coins
4 months 3 weeks ago
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
Terminology: it's not black and white
4 months 3 weeks ago
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...
Telling users to ‘avoid clicking bad links’ still isn’t working
4 months 3 weeks ago
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.
Tackling the 'human factor' to transform cyber security behaviours
4 months 3 weeks ago
ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative products.
Supplier assurance: having confidence in your suppliers
4 months 3 weeks ago
Questions to ask your suppliers that will help you gain confidence in their cyber security.
Studies in secure system design
4 months 3 weeks ago
Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles
Spotlight on shadow IT
4 months 3 weeks ago
New guidance to help organisations manage rogue devices and services within the enterprise.
Smart devices: new law helps citizens to choose secure products
4 months 3 weeks ago
Download the NCSC’s point-of-sale leaflet explaining how new PSTI regulation affects consumers and retailers.
Checked
10 hours 57 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed