Buzz & Beyond: Ncsc feed

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

Trending

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

Source: NCSC Feed

Published: Jan, 07 2026 13:16

With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

Continue reading...

Cyber deception trials: what we’ve le...

Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of ... Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.

Prompt injection is not SQL injection...

Prompt injection is not SQL injection (it may be worse). There are crucial differences between prompt and SQL injecti... Prompt injection is not SQL injection (it may be worse). There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.

Provisioning and managing certificate...

Provisioning and managing certificates in the Web PKI. How service owners should securely provision and manage certif... Provisioning and managing certificates in the Web PKI. How service owners should securely provision and manage certificates in the Web PKI.

Updating our guidance on security cer...

Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 key pieces of cryptographic gui... Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 key pieces of cryptographic guidance. Here, we explain the changes.

Building trust in the digital age: a ...

Building trust in the digital age: a collaborative approach to content provenance technologies. Joint NCSC and Canadi... Building trust in the digital age: a collaborative approach to content provenance technologies. Joint NCSC and Canadian Centre for Cyber Security primer helps organisations understand emerging technologies that can help maintain trust in their public-facing information.

What makes a responsible cyber actor:...

What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practice. Calling vulne... What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practice. Calling vulnerability researchers, exploit developers and others in the offensive cyber industry to share their views.

Most Viewed

The Government Cyber Action Plan: strengthening resilienc...

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, th... The Government Cyber Action Plan: strengthening resilienc...

Cyber deception trials: what we’ve learned so far. An upd...

Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to te... Cyber deception trials: what we’ve learned so far. An upd...

Prompt injection is not SQL injection (it may be worse). ...

Prompt injection is not SQL injection (it may be worse). There are crucial differences ... Prompt injection is not SQL injection (it may be worse). ...

Provisioning and managing certificates in the Web PKI. Ho...

Provisioning and managing certificates in the Web PKI. How service owners should secure... Provisioning and managing certificates in the Web PKI. Ho...

Updating our guidance on security certificates, TLS and I...

Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 k... Updating our guidance on security certificates, TLS and I...

Building trust in the digital age: a collaborative approa...

Building trust in the digital age: a collaborative approach to content provenance techn... Building trust in the digital age: a collaborative approa...

What makes a responsible cyber actor: introducing the Pal...

What makes a responsible cyber actor: introducing the Pall Mall industry consultation o... What makes a responsible cyber actor: introducing the Pal...

It's time for all small businesses to act. The NCSC’s Cyb...

It's time for all small businesses to act. The NCSC’s Cyber Action Toolkit helps you to... It's time for all small businesses to act. The NCSC’s Cyb...

NCSC handing over the baton of smart meter security: a de...

NCSC handing over the baton of smart meter security: a decade of progress. Why transfer... NCSC handing over the baton of smart meter security: a de...

Choosing a managed service provider (MSP). An SME’s guide...

Choosing a managed service provider (MSP). An SME’s guide to selecting and working with... Choosing a managed service provider (MSP). An SME’s guide...

Cyber Action Toolkit: breaking down the barriers to resil...

Cyber Action Toolkit: breaking down the barriers to resilience. How the NCSC’s ‘Cyber A... Cyber Action Toolkit: breaking down the barriers to resil...

NCSC to retire Web Check and Mail Check. By 31 March 2026...

NCSC to retire Web Check and Mail Check. By 31 March 2026, organisations should have al... NCSC to retire Web Check and Mail Check. By 31 March 2026...

Historical Trends

Business communications - SMS and telephone best practice. How to ensure your organisation's SMS and telephone messages are effective and trustworthy.

Business communications - SMS and telephone best practice. How to ensure your organisat... Business communications - SMS and telephone best practice...

NCSC Feed

Building and operating a secure online service. Guidance for organisations that use, own, or operate an online service who are looking to start securing it.

Building and operating a secure online service. Guidance for organisations that use, ow... Building and operating a secure online service. Guidance ...

NCSC Feed

Engaging with Boards to improve the management of cyber security risk. How to communicate more effectively with board members to improve cyber security decision making.

Engaging with Boards to improve the management of cyber security risk. How to communica... Engaging with Boards to improve the management of cyber s...

NCSC Feed

Authentication methods: choosing the right type. Recommended authentication models for organisations looking to move 'beyond passwords'.

Authentication methods: choosing the right type. Recommended authentication models for ... Authentication methods: choosing the right type. Recommen...

NCSC Feed

Asset management. Implementing asset management for good cyber security.

Asset management. Implementing asset management for good cyber security. Asset management. Implementing asset management for good ...

NCSC Feed

Approaching enterprise technology with cyber security in mind. How organisations can approach enterprise technology in order to deter cyber attacks.

Approaching enterprise technology with cyber security in mind. How organisations can ap... Approaching enterprise technology with cyber security in ...

NCSC Feed

AI and cyber security: what you need to know. Understanding the risks - and benefits - of using AI tools.

AI and cyber security: what you need to know. Understanding the risks - and benefits - ... AI and cyber security: what you need to know. Understandi...

NCSC Feed

Advice for End Users. We recommend that guidance is given to all remote and mobile users on how to keep information on their devices safe and secure.

Advice for End Users. We recommend that guidance is given to all remote and mobile user... Advice for End Users. We recommend that guidance is given...

NCSC Feed

Actions to take when the cyber threat is heightened. When organisations might face a greater threat, and the steps to take to improve security.

Actions to take when the cyber threat is heightened. When organisations might face a gr... Actions to take when the cyber threat is heightened. When...

NCSC Feed

Acquiring, managing, and disposing of network devices. Advice for organisations on the acquisition, management and disposal of network devices.

Acquiring, managing, and disposing of network devices. Advice for organisations on the ... Acquiring, managing, and disposing of network devices. Ad...

NCSC Feed

'Smart' security cameras: Using them safely in your home. How to protect 'smart' security cameras and baby monitors from cyber attack.

'Smart' security cameras: Using them safely in your home. How to protect 'smart' securi... 'Smart' security cameras: Using them safely in your home....

NCSC Feed

A method to assess 'forgivable' vs 'unforgivable' vulnerabilities. Research from the NCSC designed to eradicate vulnerability classes and make the top-level mitigations easier to implement.

A method to assess 'forgivable' vs 'unforgivable' vulnerabilities. Research from the NC... A method to assess 'forgivable' vs 'unforgivable' vulnera...

NCSC Feed

Vulnerability Scanning: Keeping on top of the most common threats. Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues.

Vulnerability Scanning: Keeping on top of the most common threats. Vulnerability Scanni... Vulnerability Scanning: Keeping on top of the most common...

NCSC Feed

Identifying suspicious credential usage. How NCSC guidance can help organisations detect and protect themselves from credential abuse.

Identifying suspicious credential usage. How NCSC guidance can help organisations detec... Identifying suspicious credential usage. How NCSC guidanc...

NCSC Feed

ACD 2.0: Insights from the external attack surface management trials. We publish the results of our ACD 2.0 external attack surface management (EASM) trials.

ACD 2.0: Insights from the external attack surface management trials. We publish the re... ACD 2.0: Insights from the external attack surface manage...

NCSC Feed

Making Principles Based Assurance a reality. An update on the work to make Principles Based Assurance (PBA) usable in practice.

Making Principles Based Assurance a reality. An update on the work to make Principles B... Making Principles Based Assurance a reality. An update on...

NCSC Feed

New interactive video - and related downloads - to help secondary school kids stay safe online. A new initiative, aimed at 11 to 14-year-olds, that helps them navigate the risks of online life.

New interactive video - and related downloads - to help secondary school kids stay safe... New interactive video - and related downloads - to help s...

NCSC Feed

The future of Technology Assurance in the UK. Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.

The future of Technology Assurance in the UK. Chris Ensor highlights some important ele... The future of Technology Assurance in the UK. Chris Ensor...

NCSC Feed

Are you hungry? A two-part blog about risk appetites. Risk appetites; what are they, what’s their purpose, how do organisations go about defining them?.

Are you hungry? A two-part blog about risk appetites. Risk appetites; what are they, wh... Are you hungry? A two-part blog about risk appetites. Ris...

NCSC Feed

Zero trust 1.0. Zero trust architecture design principles 1.0 launched.

Zero trust 1.0. Zero trust architecture design principles 1.0 launched. Zero trust 1.0. Zero trust architecture design principles...

NCSC Feed

Defending software build pipelines from malicious attack. Compromise of your software build pipeline can have wide-reaching impact; here's how to tackle the problem.

Defending software build pipelines from malicious attack. Compromise of your software b... Defending software build pipelines from malicious attack....

NCSC Feed

Supplier assurance: having confidence in your suppliers. Questions to ask your suppliers that will help you gain confidence in their cyber security.

Supplier assurance: having confidence in your suppliers. Questions to ask your supplier... Supplier assurance: having confidence in your suppliers. ...

NCSC Feed

Why cloud first is not a security problem. Using the cloud securely should be your primary concern - not the underlying security of the public cloud.

Why cloud first is not a security problem. Using the cloud securely should be your prim... Why cloud first is not a security problem. Using the clou...

NCSC Feed

NCSC IT: There's confidence and then there's SaaS. Raising a cheer for SaaS vendors who respond to our cloud security principles.

NCSC IT: There's confidence and then there's SaaS. Raising a cheer for SaaS vendors who... NCSC IT: There's confidence and then there's SaaS. Raisin...

NCSC Feed

Protecting parked domains for the UK public sector. Non-email sending (parked) domains can be used to generate spam email, but they're easy to protect.

Protecting parked domains for the UK public sector. Non-email sending (parked) domains ... Protecting parked domains for the UK public sector. Non-e...

NCSC Feed

There's a hole in my bucket. ...or 'Why do people leave sensitive data in unprotected AWS S3 buckets?'.

There's a hole in my bucket. ...or 'Why do people leave sensitive data in unprotected A... There's a hole in my bucket. ...or 'Why do people leave s...

NCSC Feed

Equities process. Publication of the UK’s process for how we handle vulnerabilities.

Equities process. Publication of the UK’s process for how we handle vulnerabilities. Equities process. Publication of the UK’s process for how...

NCSC Feed

Protecting system administration with PAM. Remote system administration provides powerful and flexible access to systems and services.

Protecting system administration with PAM. Remote system administration provides powerf... Protecting system administration with PAM. Remote system ...

NCSC Feed

The near-term impact of AI on the cyber threat. An NCSC assessment focusing on how AI will impact the efficacy of cyber operations and the implications for the cyber threat over the next two years.

The near-term impact of AI on the cyber threat. An NCSC assessment focusing on how AI w... The near-term impact of AI on the cyber threat. An NCSC a...

NCSC Feed

Organisational use of Enterprise Connected Devices. Assessing the cyber security threat to UK organisations using Enterprise Connected Devices.

Organisational use of Enterprise Connected Devices. Assessing the cyber security threat... Organisational use of Enterprise Connected Devices. Asses...

NCSC Feed

The cyber threat to Universities. Assessing the cyber security threat to UK Universities.

The cyber threat to Universities. Assessing the cyber security threat to UK Universities. The cyber threat to Universities. Assessing the cyber sec...

NCSC Feed

An RFC on IoCs – playing our part in international standards. The NCSC has published a new RFC on Indicators of Compromise to support cyber security in protocol design - and hopes to encourage more cyber defenders to engage with international standards.

An RFC on IoCs – playing our part in international standards. The NCSC has published a ... An RFC on IoCs – playing our part in international standa...

NCSC Feed

So long and thanks for all the bits. Ian Levy, the NCSC’s departing Technical Director, discusses life, the universe, and everything.

So long and thanks for all the bits. Ian Levy, the NCSC’s departing Technical Director,... So long and thanks for all the bits. Ian Levy, the NCSC’s...

NCSC Feed

New 'Connected Places' infographic published. A new visual guide to the cyber security principles that are essential when developing and managing ‘smart cities’.

New 'Connected Places' infographic published. A new visual guide to the cyber security ... New 'Connected Places' infographic published. A new visua...

NCSC Feed

NCSC's cyber security training for staff now available. The NCSC’s e-learning package 'Top Tips For Staff' can be completed online, or built into your own training platform.

NCSC's cyber security training for staff now available. The NCSC’s e-learning package '... NCSC's cyber security training for staff now available. T...

NCSC Feed

Erasing data from donated devices. How charities can erase personal data from donated laptops, phones and tablets, before passing them on.

Erasing data from donated devices. How charities can erase personal data from donated l... Erasing data from donated devices. How charities can eras...

NCSC Feed

Cloud security made easier with Serverless. Our research shows that using Serverless components makes it easier to get good security in the cloud.

Cloud security made easier with Serverless. Our research shows that using Serverless co... Cloud security made easier with Serverless. Our research ...

NCSC Feed

Cyber Essentials Plus is for charities too!. Sara Ward, the CEO of Black Country Women's Aid, discusses her organisation's experience of gaining Cyber Essentials Plus certification.

Cyber Essentials Plus is for charities too!. Sara Ward, the CEO of Black Country Women'... Cyber Essentials Plus is for charities too!. Sara Ward, t...

NCSC Feed

Helping organisations - and researchers - to manage vulnerability disclosure. Ollie N explains the thinking behind the NCSC’s new Vulnerability Disclosure Toolkit, which is now available to download.

Helping organisations - and researchers - to manage vulnerability disclosure. Ollie N e... Helping organisations - and researchers - to manage vulne...

NCSC Feed

Refreshed 'cyber security toolkit' helps board members to govern online risk. Lindy Cameron, CEO, introduces changes to the NCSC’s cyber security resources specifically designed for board members.

Refreshed 'cyber security toolkit' helps board members to govern online risk. Lindy Cam... Refreshed 'cyber security toolkit' helps board members to...

NCSC Feed

Growing positive security cultures. If your security culture isn't improving naturally, here's what you can do about it.

Growing positive security cultures. If your security culture isn't improving naturally,... Growing positive security cultures. If your security cult...

NCSC Feed

Check your email security, and protect your customers. Free online tool from the NCSC prevents cyber criminals using your email to conduct cyber attacks.

Check your email security, and protect your customers. Free online tool from the NCSC p... Check your email security, and protect your customers. Fr...

NCSC Feed

Cyber Security Toolkit for Boards: updated briefing pack released. New presentation includes voiceover and insights on ransomware attack on the British Library.

Cyber Security Toolkit for Boards: updated briefing pack released. New presentation inc... Cyber Security Toolkit for Boards: updated briefing pack ...

NCSC Feed

Firmware updates on Linux, and using data to influence procurement decisions. Focused on automating UEFI firmware updates on Windows devices.

Firmware updates on Linux, and using data to influence procurement decisions. Focused o... Firmware updates on Linux, and using data to influence pr...

NCSC Feed

What exactly should we be logging?. A structured look at what data to collect for security purposes and when to collect it.

What exactly should we be logging?. A structured look at what data to collect for secur... What exactly should we be logging?. A structured look at ...

NCSC Feed

New cloud guidance: how to 'lift and shift' successfully. Henry O discusses the pitfalls of performing a basic ‘lift and shift’ cloud migration.

New cloud guidance: how to 'lift and shift' successfully. Henry O discusses the pitfall... New cloud guidance: how to 'lift and shift' successfully....

NCSC Feed

Drawing good architecture diagrams. Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.

Drawing good architecture diagrams. Some tips on good diagram drafting and pitfalls to ... Drawing good architecture diagrams. Some tips on good dia...

NCSC Feed

The future of telecoms in the UK. NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.

The future of telecoms in the UK. NCSC Technical Director Dr Ian Levy explains how the ... The future of telecoms in the UK. NCSC Technical Director...

NCSC Feed

Studies in secure system design. Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles.

Studies in secure system design. Worked examples for Operational Technology and Virtual... Studies in secure system design. Worked examples for Oper...

NCSC Feed

Zero trust: building a mixed estate. Two ways organisations can enable access and maintain the security benefits of zero trust even when parts of the infrastructure can't implement the zero trust principles.

Zero trust: building a mixed estate. Two ways organisations can enable access and maint... Zero trust: building a mixed estate. Two ways organisatio...

NCSC Feed