Security, complexity and Huawei; protecting the UK's telecoms networks
With 5G set to transform mobile services, Ian Levy explains how the UK has approached telecoms security, and what that means for the future.
NCSC Feed
Use of Russian technology products and services following the invasion of Ukraine
7 months 3 weeks ago
Cyber security – even in a time of global unrest – remains a balance of different risks. Ian Levy, the NCSC's Technical Director, explains why.
The future of telecoms in the UK
7 months 3 weeks ago
NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.
So long and thanks for all the bits
7 months 3 weeks ago
Ian Levy, the NCSC’s departing Technical Director, discusses life, the universe, and everything.
TLS 1.3: better for individuals - harder for enterprises
7 months 3 weeks ago
The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.
Thinking about the security of AI systems
7 months 4 weeks ago
Why established cyber security principles are still important when developing or implementing machine learning models.
The problems with patching
7 months 4 weeks ago
Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in practice.
The strength of the ICS COI is the team
7 months 4 weeks ago
Join the Industrial Control System Community of Interest (ICS COI), and help build CNI expertise across the UK.
The security benefits of modern collaboration in the cloud
7 months 4 weeks ago
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.
The problems with forcing regular password expiry
7 months 4 weeks ago
Why the NCSC decided to advise against this long-established security guideline.
The logic behind three random words
7 months 4 weeks ago
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.
The future of Technology Assurance in the UK
7 months 4 weeks ago
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.
The Cyber Assessment Framework 3.1
8 months ago
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
Thanking the vulnerability research community with NCSC Challenge Coins
8 months ago
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
Terminology: it's not black and white
8 months ago
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...
Telling users to ‘avoid clicking bad links’ still isn’t working
8 months ago
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.
Tackling the 'human factor' to transform cyber security behaviours
8 months ago
ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative products.
Supplier assurance: having confidence in your suppliers
8 months ago
Questions to ask your suppliers that will help you gain confidence in their cyber security.
Studies in secure system design
8 months ago
Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles
Spotlight on shadow IT
8 months ago
New guidance to help organisations manage rogue devices and services within the enterprise.
Checked
2 hours 31 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed