NCSC Feed

CSPM tools are big business. Could they be the answer to your cloud configuration problems?

CRTFs are helping organisations to make informed, risk-based decisions on the adoption of technology products.

New principles help organisations to design, review, and secure connectivity to (and within) OT systems.

With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

How to make sure your organisation is prepared for home working.

How to protect yourself from the impact of data breaches

Advice in response to the increase in sextortion scams

Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.

How to defend organisations against malware or ransomware attacks.

An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.

Tips to help you purchase items safely and avoid fraudulent websites.

Advice for those concerned a device has been infected.

A step by step guide to recovering online accounts.

How to protect sensitive information about your setting and the children in your care from accidental damage and online criminals.

Check that you're talking to a genuine NCSC employee, and not a criminal.

Guidance for organisations wishing to deploy products that use IPsec.

There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.

Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.

Research from the NCSC designed to eradicate vulnerability classes and make the top-level mitigations easier to implement.

How service owners should securely provision and manage certificates in the Web PKI.