The problems with forcing regular password expiry
Why the NCSC decided to advise against this long-established security guideline.
NCSC Feed
The logic behind three random words
3 weeks ago
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.
The future of Technology Assurance in the UK
3 weeks ago
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.
The Cyber Assessment Framework 3.1
3 weeks ago
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
Thanking the vulnerability research community with NCSC Challenge Coins
3 weeks ago
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
Terminology: it's not black and white
3 weeks ago
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...
Telling users to ‘avoid clicking bad links’ still isn’t working
3 weeks ago
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.
Tackling the 'human factor' to transform cyber security behaviours
3 weeks ago
ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative products.
Supplier assurance: having confidence in your suppliers
3 weeks ago
Questions to ask your suppliers that will help you gain confidence in their cyber security.
Studies in secure system design
3 weeks ago
Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles
Spotlight on shadow IT
3 weeks ago
New guidance to help organisations manage rogue devices and services within the enterprise.
Smart devices: new law helps citizens to choose secure products
3 weeks ago
Download the NCSC’s point-of-sale leaflet explaining how new PSTI regulation affects consumers and retailers.
SCADA 'in the cloud': new guidance for OT organisations
3 weeks ago
If migrating SCADA solutions to the cloud, cyber security must be a key consideration for operational technology organisations.
SBOMs and the importance of inventory
3 weeks ago
Can a Software Bill of Materials (SBOM) provide organisations with better insight into their supply chains?
RITICS: Securing cyber-physical systems
3 weeks ago
Discover the Research Institute in Trustworthy Inter-connected Cyber-physical Systems.
Revolutionising identity services using AI
3 weeks ago
The ‘NCSC for Startups’ alumnus giving identity verification the 'Trust Stamp'
Researching the hard problems in hardware security
3 weeks ago
Introducing the next chapter of the NCSC research problem book, which aims to inspire research on the biggest impact topics in hardware cyber security.
Relaunching the NCSC's Cloud security guidance collection
3 weeks ago
Andrew A explains what's new in a significant update to the NCSC's flagship cloud guidance.
Refreshed 'cyber security toolkit' helps board members to govern online risk
3 weeks ago
Lindy Cameron, CEO, introduces changes to the NCSC’s cyber security resources specifically designed for board members.
Ransomware and the cyber crime ecosystem
3 weeks ago
A new white paper examines the rise of 'ransomware as a service' and extortion attacks.
Checked
12 hours 19 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed