TLS 1.3: better for individuals - harder for enterprises
The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.
NCSC Feed
Thinking about the security of AI systems
1 year ago
Why established cyber security principles are still important when developing or implementing machine learning models.
The problems with patching
1 year ago
Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in practice.
The strength of the ICS COI is the team
1 year ago
Join the Industrial Control System Community of Interest (ICS COI), and help build CNI expertise across the UK.
The security benefits of modern collaboration in the cloud
1 year ago
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.
The problems with forcing regular password expiry
1 year ago
Why the NCSC decided to advise against this long-established security guideline.
The logic behind three random words
1 year ago
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.
The future of Technology Assurance in the UK
1 year ago
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.
The Cyber Assessment Framework 3.1
1 year ago
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
Terminology: it's not black and white
1 year ago
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...
Telling users to ‘avoid clicking bad links’ still isn’t working
1 year ago
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.
Tackling the 'human factor' to transform cyber security behaviours
1 year ago
ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative products.
Supplier assurance: having confidence in your suppliers
1 year ago
Questions to ask your suppliers that will help you gain confidence in their cyber security.
Studies in secure system design
1 year ago
Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles
Spotlight on shadow IT
1 year ago
New guidance to help organisations manage rogue devices and services within the enterprise.
Smart devices: new law helps citizens to choose secure products
1 year ago
Download the NCSC’s point-of-sale leaflet explaining how new PSTI regulation affects consumers and retailers.
SCADA 'in the cloud': new guidance for OT organisations
1 year ago
If migrating SCADA solutions to the cloud, cyber security must be a key consideration for operational technology organisations.
SBOMs and the importance of inventory
1 year ago
Can a Software Bill of Materials (SBOM) provide organisations with better insight into their supply chains?
RITICS: Securing cyber-physical systems
1 year ago
Discover the Research Institute in Trustworthy Inter-connected Cyber-physical Systems.
Revolutionising identity services using AI
1 year ago
The ‘NCSC for Startups’ alumnus giving identity verification the 'Trust Stamp'
Checked
9 minutes 56 seconds ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed