Principles for ransomware-resistant cloud backups
Helping to make cloud backups resistant to the effects of destructive ransomware.
NCSC Feed
New scheme ready for Cyber Incident Exercising providers
1 year 8 months ago
A new Cyber Incident Exercising scheme is now open for organisations to apply to be Assured Providers, with IASME and CREST as our delivery partners.
Expanding the scope of Cyber Incident Response (CIR)
1 year 9 months ago
Announcing CREST as our first delivery partner and the scheme's readiness for incident response providers to join.
To SOC or not to SOC ?
1 year 10 months ago
For environments that are secure by design, a 'full-fat SOC' is not always required.
Why more transparency around cyber attacks is a good thing for everyone
2 years ago
Eleanor Fairford, Deputy Director of Incident Management at the NCSC, and Mihaela Jembei, Director of Regulatory Cyber at the Information Commissioner’s Office (ICO), reflect on why it’s so concerning when cyber attacks go unreported – and look at some of the misconceptions about how organisations respond to them.
Putting the consultancy community at its heart
2 years 1 month ago
Catherine H reflects on how the changes to the refreshed Assured Cyber Security Consultancy scheme go deeper than just a new name - and welcomes two new consultancies to the scheme.
The new route for cyber security professional recognition
2 years 2 months ago
What the UK Cyber Security Council's Chartership programme means for the CCP scheme and the organisations who use CCP for recruitment and development.
Zero trust migration: How will I know if I can remove my VPN?
2 years 3 months ago
In our third blog about migrating to a zero trust architecture, we consider the security properties of an Always On VPN, and the factors to consider when deciding if you no longer need one.
Geopolitical considerations when managing risk
2 years 3 months ago
How organisations working in high-risk countries can improve their cyber resilience.
Phishing and ransomware amongst biggest threats to charity sector
2 years 4 months ago
New report outlines the growing threat that charities face, and how they can become resilient to cyber attacks.
Using MSPs to administer your cloud services
2 years 4 months ago
Andrew A explains what you must check before giving Managed Service Providers (MSPs) the keys to your kingdom.
Nine months on from the Cyber Essentials update - debunking some myths
2 years 7 months ago
Anne W takes stock of where we are following the changes to Cyber Essentials in early 2022, discussing some of the feedback received and clarifying some common misconceptions.
Not perfect, but better: improving security one step at a time
2 years 10 months ago
Why striving for better (rather than perfect) security will help more people stay safer online.
Living with password re-use
2 years 10 months ago
In a perfect world we'd use unique passwords for every online service. But the world isn't perfect...
Even Jedi can't achieve Password Perfection
2 years 10 months ago
Emma W on why supporting users to do the right things is better then telling them what to do.
Let them paste passwords
2 years 10 months ago
Allow your website to accept pasted passwords - it makes your site more secure, not less.
The rise of ransomware
2 years 10 months ago
Toby L, Technical Lead for Incident Management, explains how modern-day ransomware attacks are evolving.
Time to KRACK the security patches out again
2 years 10 months ago
Andrew A puts some context around the recently published KRACK guidance and explains why patching - once again - is the answer.
'WannaCry' ransomware: guidance updates
2 years 10 months ago
Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.
Finding the kill switch to stop the spread of ransomware
2 years 10 months ago
MalwareTech's blog post on coming across a kill switch to stop the spread of the recent ransomware incident.
Checked
45 minutes 12 seconds ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed