The security benefits of modern collaboration in the cloud
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.
NCSC Feed
Not perfect, but better: improving security one step at a time
2 years 5 months ago
Why striving for better (rather than perfect) security will help more people stay safer online.
Living with password re-use
2 years 5 months ago
In a perfect world we'd use unique passwords for every online service. But the world isn't perfect...
Even Jedi can't achieve Password Perfection
2 years 5 months ago
Emma W on why supporting users to do the right things is better then telling them what to do.
Let them paste passwords
2 years 5 months ago
Allow your website to accept pasted passwords - it makes your site more secure, not less.
The problems with forcing regular password expiry
2 years 5 months ago
Why the NCSC decided to advise against this long-established security guideline.
MIKEY-SAKKE frequently asked questions
2 years 5 months ago
A brief guide to MIKEY-SAKKE, a protocol that allows organisations to provide secure communications with end-to-end encryption.
Log4j vulnerability: what should boards be asking?
2 years 5 months ago
Advice for board members of medium to large organisations that are at risk from the Apache Log4j vulnerability.
The rise of ransomware
2 years 5 months ago
Toby L, Technical Lead for Incident Management, explains how modern-day ransomware attacks are evolving.
Dealing with the SolarWinds Orion compromise
2 years 5 months ago
Immediate actions for all organisations using the SolarWinds Orion suite of IT management tools
How Rebellion Defence used NCSC For Startups to accelerate product development
2 years 5 months ago
Unparalleled access to skilled users transformed Rebellion Defence’s product roadmap.
Design guidelines for high assurance products
2 years 5 months ago
Approaches to the design, development and assessment of products capable of resisting elevated threats.
TLS 1.3: better for individuals - harder for enterprises
2 years 5 months ago
The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.
Time to KRACK the security patches out again
2 years 5 months ago
Andrew A puts some context around the recently published KRACK guidance and explains why patching - once again - is the answer.
'WannaCry' ransomware: guidance updates
2 years 5 months ago
Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.
Finding the kill switch to stop the spread of ransomware
2 years 5 months ago
MalwareTech's blog post on coming across a kill switch to stop the spread of the recent ransomware incident.
Open sourcing MailCheck
2 years 5 months ago
The NCSC has open sourced the code behind MailCheck - one of our Active Cyber Defence projects.
Effective steps to cyber exercise creation
2 years 5 months ago
The following tips can help organisations create their own cyber incident response exercises.
Guidance following recent DoS attacks in the run up to the 2019 General Election
2 years 5 months ago
Following attacks on political party websites, this guidance provides a summary of 5 practical steps that your organisation can take to help it prepare to respond in the event of a Denial of Service (DoS) attack.
Firmware updates on Linux, and using data to influence procurement decisions
2 years 5 months ago
Focused on automating UEFI firmware updates on Windows devices.
Checked
53 minutes 27 seconds ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed