NCSC Feed

Guidance for those who want to understand and reduce the impact of the ROCA vulnerability.

Guidance to help CEOs in public and private sector organisations manage a cyber incident.

Advice and recommendations for mitigating this type of insider behaviour.

How certificates should be initially provisioned, and how supporting infrastructure should be securely operated.

Security advice for organisations using text messages to communicate with end users

Protecting your organisation’s telephony systems from cyber attacks and telecoms fraud.

Guidance for preventing lateral movement in enterprise networks.

How to get the most from penetration testing

An architecture pattern for safely importing data into a system from an external source.

Making sense of cyber security in OT environments

How to enjoy online gaming securely by following just a few tips

How to design, use, and maintain secure networks.

Guidance for members of the public, website administrators and JavaScript developers in relation to the recently publicised cryptocurrency mining compromises of several websites

Advice for Dixons Carphone customers following its data breach.

The NCSC's guidance for the risk management of high risk vendors in telecommunications networks.

Advice for customers of Marriott International following the reports of a data breach.

A brief guide to MIKEY-SAKKE, a protocol that allows organisations to provide secure communications with end-to-end encryption.

How organisations can map their supply chain dependencies, so that risks in the supply chain can be better understood and managed.

Guidance outlining the risks of locally installed products interacting with cloud services, and suggestions to help organisations manage this risk.

Good practises for the management of public domain names owned by your organisation.