1. Home
  2. Ncsc Feed

Buzz & Beyond: Ncsc feed

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
Trending

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
Source: NCSC Feed
Published: Feb, 09 2026 20:24

How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Continue reading...

Can you help the NCSC with the next p...
Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface... Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface management can help us shape future ACD 2.0 services.
NCSC Feed
Cloud Security Posture Management: si...
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. ... Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. Could they be the answer to your cloud configuration problems?.
NCSC Feed
One small step for Cyber Resilience T...
One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organ... One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organisations to make informed, risk-based decisions on the adoption of technology products.
NCSC Feed
Designing safer links: secure connect...
Designing safer links: secure connectivity for operational technology. New principles help organisations to design, r... Designing safer links: secure connectivity for operational technology. New principles help organisations to design, review, and secure connectivity to (and within) OT systems.
NCSC Feed
The Government Cyber Action Plan: str...
The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking deci... The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.
NCSC Feed
Cyber deception trials: what we’ve le...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of ... Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.
NCSC Feed

Most Viewed

Improving your response to vulnerability management. How ...
Improving your response to vulnerability management. How to ensure the ‘organisational ... Improving your response to vulnerability management. How ...
NCSC Feed
Can you help the NCSC with the next phase of EASM researc...
Can you help the NCSC with the next phase of EASM research?. Organisations with experie... Can you help the NCSC with the next phase of EASM researc...
NCSC Feed
Cloud Security Posture Management: silver bullet or anoth...
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?.... Cloud Security Posture Management: silver bullet or anoth...
NCSC Feed
One small step for Cyber Resilience Test Facilities, one ...
One small step for Cyber Resilience Test Facilities, one giant leap for technology assu... One small step for Cyber Resilience Test Facilities, one ...
NCSC Feed
Designing safer links: secure connectivity for operationa...
Designing safer links: secure connectivity for operational technology. New principles h... Designing safer links: secure connectivity for operationa...
NCSC Feed
The Government Cyber Action Plan: strengthening resilienc...
The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, th... The Government Cyber Action Plan: strengthening resilienc...
NCSC Feed
Cyber deception trials: what we’ve learned so far. An upd...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to te... Cyber deception trials: what we’ve learned so far. An upd...
NCSC Feed
Prompt injection is not SQL injection (it may be worse). ...
Prompt injection is not SQL injection (it may be worse). There are crucial differences ... Prompt injection is not SQL injection (it may be worse). ...
NCSC Feed
Provisioning and managing certificates in the Web PKI. Ho...
Provisioning and managing certificates in the Web PKI. How service owners should secure... Provisioning and managing certificates in the Web PKI. Ho...
NCSC Feed
Updating our guidance on security certificates, TLS and I...
Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 k... Updating our guidance on security certificates, TLS and I...
NCSC Feed
Building trust in the digital age: a collaborative approa...
Building trust in the digital age: a collaborative approach to content provenance techn... Building trust in the digital age: a collaborative approa...
NCSC Feed
What makes a responsible cyber actor: introducing the Pal...
What makes a responsible cyber actor: introducing the Pall Mall industry consultation o... What makes a responsible cyber actor: introducing the Pal...
NCSC Feed

Historical Trends

Scam 'missed parcel' SMS messages: advice on avoiding malware. How to avoid malware sent using scam ‘missed parcel’ SMS messages, and what to do if your phone is already infected.
Scam 'missed parcel' SMS messages: advice on avoiding malware. How to avoid malware sen... Scam 'missed parcel' SMS messages: advice on avoiding mal...
NCSC Feed
ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance. Guidance for those who want to understand and reduce the impact of the ROCA vulnerability.
ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance. Guidance for those wh... ROCA: Infineon TPM and Secure Element RSA Vulnerability G...
NCSC Feed
Responding to a cyber incident – a guide for CEOs. Guidance to help CEOs in public and private sector organisations manage a cyber incident.
Responding to a cyber incident – a guide for CEOs. Guidance to help CEOs in public and ... Responding to a cyber incident – a guide for CEOs. Guidan...
NCSC Feed
Reducing data exfiltration by malicious insiders. Advice and recommendations for mitigating this type of insider behaviour.
Reducing data exfiltration by malicious insiders. Advice and recommendations for mitiga... Reducing data exfiltration by malicious insiders. Advice ...
NCSC Feed
Recovering a hacked account. A step by step guide to recovering online accounts.
Recovering a hacked account. A step by step guide to recovering online accounts. Recovering a hacked account. A step by step guide to reco...
NCSC Feed
Putting staff welfare at the heart of incident response. Guidance for staff responsible for managing a cyber incident response within their organisation.
Putting staff welfare at the heart of incident response. Guidance for staff responsible... Putting staff welfare at the heart of incident response. ...
NCSC Feed
Provisioning and securing security certificates. How certificates should be initially provisioned, and how supporting infrastructure should be securely operated.
Provisioning and securing security certificates. How certificates should be initially p... Provisioning and securing security certificates. How cert...
NCSC Feed
Protective DNS for the private sector. Advice on the selection and deployment of Protective Domain Name Systems (DNS).
Protective DNS for the private sector. Advice on the selection and deployment of Protec... Protective DNS for the private sector. Advice on the sele...
NCSC Feed
Protecting SMS messages used in critical business processes. Security advice for organisations using text messages to communicate with end users.
Protecting SMS messages used in critical business processes. Security advice for organi... Protecting SMS messages used in critical business process...
NCSC Feed
Private Branch Exchange (PBX) best practice. Protecting your organisation’s telephony systems from cyber attacks and telecoms fraud.
Private Branch Exchange (PBX) best practice. Protecting your organisation’s telephony s... Private Branch Exchange (PBX) best practice. Protecting y...
NCSC Feed
Preventing Lateral Movement. Guidance for preventing lateral movement in enterprise networks.
Preventing Lateral Movement. Guidance for preventing lateral movement in enterprise networks. Preventing Lateral Movement. Guidance for preventing late...
NCSC Feed
Phishing attacks: defending your organisation. How to defend your organisation from email phishing attacks.
Phishing attacks: defending your organisation. How to defend your organisation from ema... Phishing attacks: defending your organisation. How to def...
NCSC Feed
Penetration testing. How to get the most from penetration testing.
Penetration testing. How to get the most from penetration testing. Penetration testing. How to get the most from penetration...
NCSC Feed
Pattern: Safely Importing Data. An architecture pattern for safely importing data into a system from an external source.
Pattern: Safely Importing Data. An architecture pattern for safely importing data into ... Pattern: Safely Importing Data. An architecture pattern f...
NCSC Feed
Operational technologies. Making sense of cyber security in OT environments.
Operational technologies. Making sense of cyber security in OT environments. Operational technologies. Making sense of cyber security ...
NCSC Feed
Online gaming for families and individuals. How to enjoy online gaming securely by following just a few tips.
Online gaming for families and individuals. How to enjoy online gaming securely by foll... Online gaming for families and individuals. How to enjoy ...
NCSC Feed
Network security fundamentals. How to design, use, and maintain secure networks.
Network security fundamentals. How to design, use, and maintain secure networks. Network security fundamentals. How to design, use, and ma...
NCSC Feed
NCSC advice: Malicious software used to illegally mine cryptocurrency. Guidance for members of the public, website administrators and JavaScript developers in relation to the recently publicised cryptocurrency mining compromises of several websites.
NCSC advice: Malicious software used to illegally mine cryptocurrency. Guidance for mem... NCSC advice: Malicious software used to illegally mine cr...
NCSC Feed
NCSC advice for Dixons Carphone plc customers. Advice for Dixons Carphone customers following its data breach.
NCSC advice for Dixons Carphone plc customers. Advice for Dixons Carphone customers fol... NCSC advice for Dixons Carphone plc customers. Advice for...
NCSC Feed
NCSC advice on the use of equipment from high risk vendors in UK telecoms networks. The NCSC's guidance for the risk management of high risk vendors in telecommunications networks.
NCSC advice on the use of equipment from high risk vendors in UK telecoms networks. The... NCSC advice on the use of equipment from high risk vendor...
NCSC Feed
NCSC advice for Marriott International customers. Advice for customers of Marriott International following the reports of a data breach.
NCSC advice for Marriott International customers. Advice for customers of Marriott Inte... NCSC advice for Marriott International customers. Advice ...
NCSC Feed
Moving your business from the physical to the digital. Security questions to ask your IT service providers when considering a digital transition.
Moving your business from the physical to the digital. Security questions to ask your I... Moving your business from the physical to the digital. Se...
NCSC Feed
Mitigating malware and ransomware attacks. How to defend organisations against malware or ransomware attacks.
Mitigating malware and ransomware attacks. How to defend organisations against malware ... Mitigating malware and ransomware attacks. How to defend ...
NCSC Feed
MIKEY-SAKKE frequently asked questions. A brief guide to MIKEY-SAKKE, a protocol that allows organisations to provide secure communications with end-to-end encryption.
MIKEY-SAKKE frequently asked questions. A brief guide to MIKEY-SAKKE, a protocol that a... MIKEY-SAKKE frequently asked questions. A brief guide to ...
NCSC Feed
Mapping your supply chain. How organisations can map their supply chain dependencies, so that risks in the supply chain can be better understood and managed.
Mapping your supply chain. How organisations can map their supply chain dependencies, s... Mapping your supply chain. How organisations can map thei...
NCSC Feed
Managing the risk of cloud-enabled products. Guidance outlining the risks of locally installed products interacting with cloud services, and suggestions to help organisations manage this risk.
Managing the risk of cloud-enabled products. Guidance outlining the risks of locally in... Managing the risk of cloud-enabled products. Guidance out...
NCSC Feed
Managing Public Domain Names. Good practises for the management of public domain names owned by your organisation.
Managing Public Domain Names. Good practises for the management of public domain names ... Managing Public Domain Names. Good practises for the mana...
NCSC Feed
Maintaining a sustainable strengthened cyber security posture. How organisations can avoid staff burnout during an extended period of heightened cyber threat.
Maintaining a sustainable strengthened cyber security posture. How organisations can av... Maintaining a sustainable strengthened cyber security pos...
NCSC Feed
Macro Security for Microsoft Office. Why macros are a threat, and the approaches you can take to protect your systems.
Macro Security for Microsoft Office. Why macros are a threat, and the approaches you ca... Macro Security for Microsoft Office. Why macros are a thr...
NCSC Feed
'Krack' Wi-Fi guidance. Guidance for enterprise administrators, small businesses and home users in relation to the recently published 'Krack' vulnerability in Wi-Fi networks protected by WPA2.
'Krack' Wi-Fi guidance. Guidance for enterprise administrators, small businesses and ho... 'Krack' Wi-Fi guidance. Guidance for enterprise administr...
NCSC Feed
Introduction to logging for security purposes. Laying the groundwork for incident readiness.
Introduction to logging for security purposes. Laying the groundwork for incident readiness. Introduction to logging for security purposes. Laying the...
NCSC Feed
Introduction to identity and access management. This guidance provides a primer on the essential techniques, technologies and uses of access management.
Introduction to identity and access management. This guidance provides a primer on the ... Introduction to identity and access management. This guid...
NCSC Feed
How to spot scammers claiming to be from the NCSC. Check that you're talking to a genuine NCSC employee, and not a criminal.
How to spot scammers claiming to be from the NCSC. Check that you're talking to a genui... How to spot scammers claiming to be from the NCSC. Check ...
NCSC Feed
How to recover an infected device. Advice for those concerned a device has been infected.
How to recover an infected device. Advice for those concerned a device has been infected. How to recover an infected device. Advice for those conce...
NCSC Feed
Home working: preparing your organisation and staff. How to make sure your organisation is prepared for home working.
Home working: preparing your organisation and staff. How to make sure your organisation... Home working: preparing your organisation and staff. How ...
NCSC Feed
Guidance on digital forensics and protective monitoring specifications for producers of network devices and appliances. Outlining the expectations for the minimum requirement for forensic visibility, to help network defenders secure organisational networks both before and after a compromise.
Guidance on digital forensics and protective monitoring specifications for producers of... Guidance on digital forensics and protective monitoring s...
NCSC Feed
Guidance for organisations considering payment in ransomware incidents. Advice for organisations experiencing a ransomware attack and the partner organisations supporting them.
Guidance for organisations considering payment in ransomware incidents. Advice for orga... Guidance for organisations considering payment in ransomw...
NCSC Feed
Guidance for brands to help advertising partners counter malvertising. Advice to make it harder for cyber criminals to deliver malicious advertising, and reduce the risk of cyber-facilitated fraud.
Guidance for brands to help advertising partners counter malvertising. Advice to make i... Guidance for brands to help advertising partners counter ...
NCSC Feed
Guidance following recent DoS attacks in the run up to the 2019 General Election.
Guidance following recent DoS attacks in the run up to the 2019 General Election. Guidance following recent DoS attacks in the run up to th...
NCSC Feed
GDPR security outcomes. This guidance describes a set of technical security outcomes that are considered to represent appropriate measures under the GDPR.
GDPR security outcomes. This guidance describes a set of technical security outcomes th... GDPR security outcomes. This guidance describes a set of ...
NCSC Feed
Effective steps to cyber exercise creation. The following tips can help organisations create their own cyber incident response exercises.
Effective steps to cyber exercise creation. The following tips can help organisations c... Effective steps to cyber exercise creation. The following...
NCSC Feed
Guidance on effective communications in a cyber incident. Supporting organisations of all sizes to manage their communications strategy before, during and after a cyber security incident.
Guidance on effective communications in a cyber incident. Supporting organisations of a... Guidance on effective communications in a cyber incident....
NCSC Feed
Early Years practitioners: using cyber security to protect your settings. How to protect sensitive information about your setting and the children in your care from accidental damage and online criminals.
Early Years practitioners: using cyber security to protect your settings. How to protec... Early Years practitioners: using cyber security to protec...
NCSC Feed
Design Pattern: Safely Exporting Data. How to implement a secure end-to-end data export solution.
Design Pattern: Safely Exporting Data. How to implement a secure end-to-end data export... Design Pattern: Safely Exporting Data. How to implement a...
NCSC Feed
Design guidelines for high assurance products. Approaches to the design, development and assessment of products capable of resisting elevated threats.
Design guidelines for high assurance products. Approaches to the design, development an... Design guidelines for high assurance products. Approaches...
NCSC Feed
Dealing with the SolarWinds Orion compromise. Immediate actions for all organisations using the SolarWinds Orion suite of IT management tools.
Dealing with the SolarWinds Orion compromise. Immediate actions for all organisations u... Dealing with the SolarWinds Orion compromise. Immediate a...
NCSC Feed
Data breaches: guidance for individuals and families. How to protect yourself from the impact of data breaches.
Data breaches: guidance for individuals and families. How to protect yourself from the ... Data breaches: guidance for individuals and families. How...
NCSC Feed
Cyber security for major events. Assessing the cyber security needs of major events.
Cyber security for major events. Assessing the cyber security needs of major events. Cyber security for major events. Assessing the cyber secu...
NCSC Feed
Cyber security for high profile conferences. Managing the cyber security of high profile events in the real and virtual worlds.
Cyber security for high profile conferences. Managing the cyber security of high profil... Cyber security for high profile conferences. Managing the...
NCSC Feed
Cyber security for farmers. Guidance to help farmers improve the security and resilience of their business against cyber threats.
Cyber security for farmers. Guidance to help farmers improve the security and resilienc... Cyber security for farmers. Guidance to help farmers impr...
NCSC Feed