1. Home
  2. Ncsc Feed

Buzz & Beyond: Ncsc feed

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
Trending

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
Source: NCSC Feed
Published: Feb, 09 2026 20:24

How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Continue reading...

Can you help the NCSC with the next p...
Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface... Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface management can help us shape future ACD 2.0 services.
NCSC Feed
Cloud Security Posture Management: si...
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. ... Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. Could they be the answer to your cloud configuration problems?.
NCSC Feed
One small step for Cyber Resilience T...
One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organ... One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organisations to make informed, risk-based decisions on the adoption of technology products.
NCSC Feed
Designing safer links: secure connect...
Designing safer links: secure connectivity for operational technology. New principles help organisations to design, r... Designing safer links: secure connectivity for operational technology. New principles help organisations to design, review, and secure connectivity to (and within) OT systems.
NCSC Feed
The Government Cyber Action Plan: str...
The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking deci... The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.
NCSC Feed
Cyber deception trials: what we’ve le...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of ... Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.
NCSC Feed

Most Viewed

Improving your response to vulnerability management. How ...
Improving your response to vulnerability management. How to ensure the ‘organisational ... Improving your response to vulnerability management. How ...
NCSC Feed
Can you help the NCSC with the next phase of EASM researc...
Can you help the NCSC with the next phase of EASM research?. Organisations with experie... Can you help the NCSC with the next phase of EASM researc...
NCSC Feed
Cloud Security Posture Management: silver bullet or anoth...
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?.... Cloud Security Posture Management: silver bullet or anoth...
NCSC Feed
One small step for Cyber Resilience Test Facilities, one ...
One small step for Cyber Resilience Test Facilities, one giant leap for technology assu... One small step for Cyber Resilience Test Facilities, one ...
NCSC Feed
Designing safer links: secure connectivity for operationa...
Designing safer links: secure connectivity for operational technology. New principles h... Designing safer links: secure connectivity for operationa...
NCSC Feed
The Government Cyber Action Plan: strengthening resilienc...
The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, th... The Government Cyber Action Plan: strengthening resilienc...
NCSC Feed
Cyber deception trials: what we’ve learned so far. An upd...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to te... Cyber deception trials: what we’ve learned so far. An upd...
NCSC Feed
Prompt injection is not SQL injection (it may be worse). ...
Prompt injection is not SQL injection (it may be worse). There are crucial differences ... Prompt injection is not SQL injection (it may be worse). ...
NCSC Feed
Provisioning and managing certificates in the Web PKI. Ho...
Provisioning and managing certificates in the Web PKI. How service owners should secure... Provisioning and managing certificates in the Web PKI. Ho...
NCSC Feed
Updating our guidance on security certificates, TLS and I...
Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 k... Updating our guidance on security certificates, TLS and I...
NCSC Feed
Building trust in the digital age: a collaborative approa...
Building trust in the digital age: a collaborative approach to content provenance techn... Building trust in the digital age: a collaborative approa...
NCSC Feed
What makes a responsible cyber actor: introducing the Pal...
What makes a responsible cyber actor: introducing the Pall Mall industry consultation o... What makes a responsible cyber actor: introducing the Pal...
NCSC Feed

Historical Trends

Prompt injection is not SQL injection (it may be worse). There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.
Prompt injection is not SQL injection (it may be worse). There are crucial differences ... Prompt injection is not SQL injection (it may be worse). ...
NCSC Feed
Provisioning and managing certificates in the Web PKI. How service owners should securely provision and manage certificates in the Web PKI.
Provisioning and managing certificates in the Web PKI. How service owners should secure... Provisioning and managing certificates in the Web PKI. Ho...
NCSC Feed
Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 key pieces of cryptographic guidance. Here, we explain the changes.
Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 k... Updating our guidance on security certificates, TLS and I...
NCSC Feed
Building trust in the digital age: a collaborative approach to content provenance technologies. Joint NCSC and Canadian Centre for Cyber Security primer helps organisations understand emerging technologies that can help maintain trust in their public-facing information.
Building trust in the digital age: a collaborative approach to content provenance techn... Building trust in the digital age: a collaborative approa...
NCSC Feed
What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practice. Calling vulnerability researchers, exploit developers and others in the offensive cyber industry to share their views.
What makes a responsible cyber actor: introducing the Pall Mall industry consultation o... What makes a responsible cyber actor: introducing the Pal...
NCSC Feed
It's time for all small businesses to act. The NCSC’s Cyber Action Toolkit helps you to protect your business from online attacks.
It's time for all small businesses to act. The NCSC’s Cyber Action Toolkit helps you to... It's time for all small businesses to act. The NCSC’s Cyb...
NCSC Feed
NCSC handing over the baton of smart meter security: a decade of progress. Why transferring the Commercial Product Assurance scheme to industry ownership marks an important milestone.
NCSC handing over the baton of smart meter security: a decade of progress. Why transfer... NCSC handing over the baton of smart meter security: a de...
NCSC Feed
Choosing a managed service provider (MSP). An SME’s guide to selecting and working with managed service providers.
Choosing a managed service provider (MSP). An SME’s guide to selecting and working with... Choosing a managed service provider (MSP). An SME’s guide...
NCSC Feed
Cyber Action Toolkit: breaking down the barriers to resilience. How the NCSC’s ‘Cyber Action Toolkit’ is helping small businesses to improve their cyber security.
Cyber Action Toolkit: breaking down the barriers to resilience. How the NCSC’s ‘Cyber A... Cyber Action Toolkit: breaking down the barriers to resil...
NCSC Feed
NCSC to retire Web Check and Mail Check. By 31 March 2026, organisations should have alternatives to Mail Check and Web Check in place.
NCSC to retire Web Check and Mail Check. By 31 March 2026, organisations should have al... NCSC to retire Web Check and Mail Check. By 31 March 2026...
NCSC Feed
Cyber security is business survival. The NCSC co-signs Ministerial letter to major British businesses including FTSE 350 companies.
Cyber security is business survival. The NCSC co-signs Ministerial letter to major Brit... Cyber security is business survival. The NCSC co-signs Mi...
NCSC Feed
Strengthening national cyber resilience through observability and threat hunting. How organisations can improve their ability to both detect and discover cyber threats.
Strengthening national cyber resilience through observability and threat hunting. How o... Strengthening national cyber resilience through observabi...
NCSC Feed
RFC 9794: a new standard for post-quantum terminology. The NCSC’s contribution to the Internet Engineering Task Force will help to make the internet more secure.
RFC 9794: a new standard for post-quantum terminology. The NCSC’s contribution to the I... RFC 9794: a new standard for post-quantum terminology. Th...
NCSC Feed
Understanding your OT environment: the first step to stronger cyber security. If you can’t see your entire operational technology environment, you can’t defend it. New guidance from the NCSC will help you gain that visibility.
Understanding your OT environment: the first step to stronger cyber security. If you ca... Understanding your OT environment: the first step to stro...
NCSC Feed
EASM buyer's guide now available. How to choose an external attack surface management (EASM) tool that’s right for your organisation.
EASM buyer's guide now available. How to choose an external attack surface management (... EASM buyer's guide now available. How to choose an extern...
NCSC Feed
External attack surface management (EASM) buyer's guide. A guide to choosing the right EASM product for your organisation, and the security features you need to consider.
External attack surface management (EASM) buyer's guide. A guide to choosing the right ... External attack surface management (EASM) buyer's guide. ...
NCSC Feed
Cyber resilience matters as much as cyber defence. Why planning and rehearsing your recovery from an incident is as vital as building your defences.
Cyber resilience matters as much as cyber defence. Why planning and rehearsing your rec... Cyber resilience matters as much as cyber defence. Why pl...
NCSC Feed
From bugs to bypasses: adapting vulnerability disclosure for AI safeguards. Exploring how far cyber security approaches can help mitigate risks in generative AI systems.
From bugs to bypasses: adapting vulnerability disclosure for AI safeguards. Exploring h... From bugs to bypasses: adapting vulnerability disclosure ...
NCSC Feed
Cyber Assessment Framework v4.0 released in response to growing threat. Updates to the CAF helps providers of essential services to better manage their cyber risks.
Cyber Assessment Framework v4.0 released in response to growing threat. Updates to the ... Cyber Assessment Framework v4.0 released in response to g...
NCSC Feed
Getting your organisation ready for Windows 11 upgrade before Autumn 2025. Why you should act now to ensure you meet the new hardware standards, and prioritise security.
Getting your organisation ready for Windows 11 upgrade before Autumn 2025. Why you shou... Getting your organisation ready for Windows 11 upgrade be...
NCSC Feed
Trusting the tech: using password managers and passkeys to help you stay secure online. How today’s secure tools simplify your digital life, and reduce login stress and password fatigue.
Trusting the tech: using password managers and passkeys to help you stay secure online.... Trusting the tech: using password managers and passkeys t...
NCSC Feed
Have you got what it takes to be a 'Cyber Advisor'?. We need more cyber professionals to join our scheme providing hands-on advice to SMEs.
Have you got what it takes to be a 'Cyber Advisor'?. We need more cyber professionals t... Have you got what it takes to be a 'Cyber Advisor'?. We n...
NCSC Feed
Sausages and incentives: rewarding a resilient technology future. Why ‘thinking big’ is required to shift the dynamics of the technology market.
Sausages and incentives: rewarding a resilient technology future. Why ‘thinking big’ is... Sausages and incentives: rewarding a resilient technology...
NCSC Feed
Creating the right organisational culture for cyber security. Calling cyber security professionals, culture specialists and leaders to drive uptake of new Cyber security culture principles.
Creating the right organisational culture for cyber security. Calling cyber security pr... Creating the right organisational culture for cyber secur...
NCSC Feed
New ETSI standard protects AI systems from evolving cyber threats. The NCSC and DSIT work with ETSI to ‘set a benchmark for securing AI’.
New ETSI standard protects AI systems from evolving cyber threats. The NCSC and DSIT wo... New ETSI standard protects AI systems from evolving cyber...
NCSC Feed
Facing the cyber threat behind the headlines. NCSC CEO urges all businesses to face the stark reality of the cyber threat they face, whether in the spotlight or not.
Facing the cyber threat behind the headlines. NCSC CEO urges all businesses to face the... Facing the cyber threat behind the headlines. NCSC CEO ur...
NCSC Feed
Decommissioning assets. How to retire digital assets (such as data, software, or hardware) from operation.
Decommissioning assets. How to retire digital assets (such as data, software, or hardwa... Decommissioning assets. How to retire digital assets (suc...
NCSC Feed
Incidents impacting retailers – recommendations from the NCSC. A joint blog post by the NCSC’s National Resilience Director, Jonathon Ellison, and Chief Technology Officer, Ollie Whitehouse.
Incidents impacting retailers – recommendations from the NCSC. A joint blog post by the... Incidents impacting retailers – recommendations from the ...
NCSC Feed
Software Code of Practice: building a secure digital future. New voluntary code of practice for technology providers defines a market baseline for cyber security.
Software Code of Practice: building a secure digital future. New voluntary code of prac... Software Code of Practice: building a secure digital futu...
NCSC Feed
Impact of AI on cyber threat from now to 2027. An NCSC assessment highlighting the impacts on cyber threat from AI developments between now and 2027.
Impact of AI on cyber threat from now to 2027. An NCSC assessment highlighting the impa... Impact of AI on cyber threat from now to 2027. An NCSC as...
NCSC Feed
Software Security Code of Practice - Assurance Principles and Claims (APCs). Helps vendors measure how well they meet the Software Security Code of Practice, and suggests remedial actions should they fall short.
Software Security Code of Practice - Assurance Principles and Claims (APCs). Helps vend... Software Security Code of Practice - Assurance Principles...
NCSC Feed
Advanced Cryptography: new approaches to data privacy. A new NCSC paper discusses the suitability of emerging Advanced Cryptography techniques.
Advanced Cryptography: new approaches to data privacy. A new NCSC paper discusses the s... Advanced Cryptography: new approaches to data privacy. A ...
NCSC Feed
New guidance on securing HTTP-based APIs. Why it’s essential to secure your APIs to build trust with your customers and partners.
New guidance on securing HTTP-based APIs. Why it’s essential to secure your APIs to bui... New guidance on securing HTTP-based APIs. Why it’s essent...
NCSC Feed
New online training helps board members to govern cyber risk. The NCSC’s CEO, Richard Horne on the new cyber governance resources giving Boards the tools they need to govern cyber security risks.
New online training helps board members to govern cyber risk. The NCSC’s CEO, Richard H... New online training helps board members to govern cyber r...
NCSC Feed
Cyber Security and Resilience Policy Statement to strengthen regulation of critical sectors. New proposals will combat the growing threat to UK critical national infrastructure (CNI).
Cyber Security and Resilience Policy Statement to strengthen regulation of critical sec... Cyber Security and Resilience Policy Statement to strengt...
NCSC Feed
CyberFirst Girls Competition: a proud milestone and exciting future. The future of the CyberFirst Girls Competition and reflecting on brilliant progress.
CyberFirst Girls Competition: a proud milestone and exciting future. The future of the ... CyberFirst Girls Competition: a proud milestone and excit...
NCSC Feed
Privileged access workstations: introducing our new set of principles. Principles-based guidance for organisations setting up a PAW solution.
Privileged access workstations: introducing our new set of principles. Principles-based... Privileged access workstations: introducing our new set o...
NCSC Feed
Timelines for migration to post-quantum cryptography. Activities which organisations must carry out to migrate safely to post-quantum cryptography in the coming years.
Timelines for migration to post-quantum cryptography. Activities which organisations mu... Timelines for migration to post-quantum cryptography. Act...
NCSC Feed
Setting direction for the UK's migration to post-quantum cryptography. Why the key milestones for PQC migration are part of building and maintaining good cyber security practice.
Setting direction for the UK's migration to post-quantum cryptography. Why the key mile... Setting direction for the UK's migration to post-quantum ...
NCSC Feed
Supplier assurance questions. Questions to ask your suppliers that will help you gain confidence in their cyber security.
Supplier assurance questions. Questions to ask your suppliers that will help you gain c... Supplier assurance questions. Questions to ask your suppl...
NCSC Feed
Social media: protecting what you publish. How to reduce the likelihood of unauthorised content appearing within your organisation's social media channels.
Social media: protecting what you publish. How to reduce the likelihood of unauthorised... Social media: protecting what you publish. How to reduce ...
NCSC Feed
Social Media: how to use it safely. Use privacy settings across social media platforms to manage your digital footprint.
Social Media: how to use it safely. Use privacy settings across social media platforms ... Social Media: how to use it safely. Use privacy settings ...
NCSC Feed
Smart devices: using them safely in your home. Many everyday items are now connected to the internet: we explain how to use them safely.
Smart devices: using them safely in your home. Many everyday items are now connected to... Smart devices: using them safely in your home. Many every...
NCSC Feed
Shopping and paying safely online. Tips to help you purchase items safely and avoid fraudulent websites.
Shopping and paying safely online. Tips to help you purchase items safely and avoid fra... Shopping and paying safely online. Tips to help you purch...
NCSC Feed
Shadow IT. Managing 'unknown assets' that are used within an organisation.
Shadow IT. Managing 'unknown assets' that are used within an organisation. Shadow IT. Managing 'unknown assets' that are used within...
NCSC Feed
Sextortion emails: how to protect yourself. Advice in response to the increase in sextortion scams.
Sextortion emails: how to protect yourself. Advice in response to the increase in sexto... Sextortion emails: how to protect yourself. Advice in res...
NCSC Feed
Setting up 2-Step Verification (2SV). How setting up 2SV can help protect your online accounts, even if your password is stolen.
Setting up 2-Step Verification (2SV). How setting up 2SV can help protect your online a... Setting up 2-Step Verification (2SV). How setting up 2SV ...
NCSC Feed
Securing your devices. How to ensure your devices are as secure as possible.
Securing your devices. How to ensure your devices are as secure as possible. Securing your devices. How to ensure your devices are as ...
NCSC Feed
Secure sanitisation and disposal of storage media. How to ensure data cannot be recovered from electronic storage media.
Secure sanitisation and disposal of storage media. How to ensure data cannot be recover... Secure sanitisation and disposal of storage media. How to...
NCSC Feed
Secure communications principles. Guidance to help you assess the security of voice, video and messaging communication services.
Secure communications principles. Guidance to help you assess the security of voice, vi... Secure communications principles. Guidance to help you as...
NCSC Feed