Timelines for migration to post-quantum cryptography
Activities which organisations must carry out to migrate safely to post-quantum cryptography in the coming years.
NCSC Feed
Setting direction for the UK's migration to post-quantum cryptography
3 days 5 hours ago
Why the key milestones for PQC migration are part of building and maintaining good cyber security practice.
A different future for telecoms in the UK
3 days 5 hours ago
NCSC Technical Director Dr Ian Levy explains the technical impact of the recent US sanctions on the security of Huawei equipment in the UK.
Security, complexity and Huawei; protecting the UK's telecoms networks
3 days 5 hours ago
With 5G set to transform mobile services, Ian Levy explains how the UK has approached telecoms security, and what that means for the future.
Use of Russian technology products and services following the invasion of Ukraine
3 days 5 hours ago
Cyber security – even in a time of global unrest – remains a balance of different risks. Ian Levy, the NCSC's Technical Director, explains why.
The future of telecoms in the UK
3 days 5 hours ago
NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.
So long and thanks for all the bits
3 days 5 hours ago
Ian Levy, the NCSC’s departing Technical Director, discusses life, the universe, and everything.
TLS 1.3: better for individuals - harder for enterprises
3 days 5 hours ago
The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.
Thinking about the security of AI systems
1 week 3 days ago
Why established cyber security principles are still important when developing or implementing machine learning models.
There's a hole in my bucket
1 week 3 days ago
...or 'Why do people leave sensitive data in unprotected AWS S3 buckets?'
The problems with patching
1 week 3 days ago
Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in practice.
The strength of the ICS COI is the team
1 week 3 days ago
Join the Industrial Control System Community of Interest (ICS COI), and help build CNI expertise across the UK.
The security benefits of modern collaboration in the cloud
1 week 3 days ago
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.
The problems with forcing regular password expiry
1 week 3 days ago
Why the NCSC decided to advise against this long-established security guideline.
The logic behind three random words
1 week 3 days ago
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.
The future of Technology Assurance in the UK
1 week 3 days ago
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.
The Cyber Assessment Framework 3.1
1 week 3 days ago
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
Thanking the vulnerability research community with NCSC Challenge Coins
1 week 3 days ago
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
Terminology: it's not black and white
1 week 3 days ago
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...
Telling users to ‘avoid clicking bad links’ still isn’t working
1 week 3 days ago
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.
Checked
3 hours 3 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed