NCSC Feed

Raising a cheer for SaaS vendors who respond to our cloud security principles.

NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.

A summary of the NCSC’s security analysis for the UK telecoms sector

How Platform as a Service (PaaS) can make good security easier to achieve.

Assessing the cyber security threat to UK Universities

Cyber incident trends in the UK with guidance on how to defend against, and recover from them.

Our research shows that using Serverless components makes it easier to get good security in the cloud

What you need to know before buying artificially intelligent security products

Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in practice.

Publication of the UK’s process for how we handle vulnerabilities.

Non-email sending (parked) domains can be used to generate spam email, but they're easy to protect.

Using the Cloud Security Principles to evaluate the suitability of a cloud service.

Advice for organisations on the acquisition, management and disposal of network devices.

An outline of the NCSC's approach to understanding the security of Software as a Service (SaaS) offerings.

Guidance for enterprise administrators who want to reduce the likelihood of being held to ransom by WannaCry (or other types of ransomware).

If your security culture isn't improving naturally, here's what you can do about it.

Here we explain a bit about maturity models, look at how they've been used for cyber security, and explain why the NCSC is no longer supporting the IA Maturity Model (IAMM) introduced in 2008.

Making sense of cyber security in OT environments

First joint National Cyber Security Centre (NCSC) and National Crime Agency (NCA) report published today.