NCSC Feed

How to make sure your organisation is prepared for home working.

For environments that are secure by design, a 'full-fat SOC' is not always required.

New ACD services developed to help protect SMEs from the harms caused by cyber attacks.

Refreshed guidance published to help practitioners manage cyber risk.

An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.

New advice on implementing high-risk and ‘break-glass’ accesses in cloud services.

Early Warning, one of the NCSC’s flagship ACD services, will be soon be migrated to the MyNCSC platform. Here we explain the background and what users can expect.

Traced Mobile Security co-founder Benedict Jones describes how 'NCSC for Startups' helped evolve his business.

How to set up and use video conferencing services, such as Zoom and Skype, safely and securely

Eleanor Fairford, Deputy Director of Incident Management at the NCSC, and Mihaela Jembei, Director of Regulatory Cyber at the Information Commissioner’s Office (ICO), reflect on why it’s so concerning when cyber attacks go unreported – and look at some of the misconceptions about how organisations respond to them.

Advice in response to the increase in sextortion scams

Catherine H reflects on how the changes to the refreshed Assured Cyber Security Consultancy scheme go deeper than just a new name - and welcomes two new consultancies to the scheme.

Launching a new Industry Assurance scheme aimed at helping the UK’s small organisations.

Lindy Cameron, CEO, introduces changes to the NCSC’s cyber security resources specifically designed for board members.

What the UK Cyber Security Council's Chartership programme means for the CCP scheme and the organisations who use CCP for recruitment and development.

Why it's important to protect the interfaces used to manage your infrastructure, and some recommendations on how you might do this.

Guidance for preventing lateral movement in enterprise networks.

Two ways organisations can enable access and maintain the security benefits of zero trust even when parts of the infrastructure can't implement the zero trust principles.

In our third blog about migrating to a zero trust architecture, we consider the security properties of an Always On VPN, and the factors to consider when deciding if you no longer need one.

How organisations working in high-risk countries can improve their cyber resilience.