NCSC Feed

By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.

How password deny lists can help your users to make sensible password choices.

Why striving for better (rather than perfect) security will help more people stay safer online.

In a perfect world we'd use unique passwords for every online service. But the world isn't perfect...

Emma W on why supporting users to do the right things is better then telling them what to do.

Emma W discusses the question everyone keeps asking us.

Allow your website to accept pasted passwords - it makes your site more secure, not less.

Ian M discusses what makes a good password

Why the NCSC decided to advise against this long-established security guideline.

A brief guide to MIKEY-SAKKE, a protocol that allows organisations to provide secure communications with end-to-end encryption.

Advice for board members of medium to large organisations that are at risk from the Apache Log4j vulnerability.

Toby L, Technical Lead for Incident Management, explains how modern-day ransomware attacks are evolving.

Immediate actions for all organisations using the SolarWinds Orion suite of IT management tools

Unparalleled access to skilled users transformed Rebellion Defence’s product roadmap.

Approaches to the design, development and assessment of products capable of resisting elevated threats.

Advice for those concerned a device has been infected.

The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.

Andrew A puts some context around the recently published KRACK guidance and explains why patching - once again - is the answer.

Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.

MalwareTech's blog post on coming across a kill switch to stop the spread of the recent ransomware incident.