1. Home
  2. Ncsc Feed

Buzz & Beyond: Ncsc feed

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
Trending

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
Source: NCSC Feed
Published: Feb, 09 2026 20:24

How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Continue reading...

Can you help the NCSC with the next p...
Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface... Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface management can help us shape future ACD 2.0 services.
NCSC Feed
Cloud Security Posture Management: si...
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. ... Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. Could they be the answer to your cloud configuration problems?.
NCSC Feed
One small step for Cyber Resilience T...
One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organ... One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organisations to make informed, risk-based decisions on the adoption of technology products.
NCSC Feed
Designing safer links: secure connect...
Designing safer links: secure connectivity for operational technology. New principles help organisations to design, r... Designing safer links: secure connectivity for operational technology. New principles help organisations to design, review, and secure connectivity to (and within) OT systems.
NCSC Feed
The Government Cyber Action Plan: str...
The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking deci... The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.
NCSC Feed
Cyber deception trials: what we’ve le...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of ... Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.
NCSC Feed

Most Viewed

Improving your response to vulnerability management. How ...
Improving your response to vulnerability management. How to ensure the ‘organisational ... Improving your response to vulnerability management. How ...
NCSC Feed
Can you help the NCSC with the next phase of EASM researc...
Can you help the NCSC with the next phase of EASM research?. Organisations with experie... Can you help the NCSC with the next phase of EASM researc...
NCSC Feed
Cloud Security Posture Management: silver bullet or anoth...
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?.... Cloud Security Posture Management: silver bullet or anoth...
NCSC Feed
One small step for Cyber Resilience Test Facilities, one ...
One small step for Cyber Resilience Test Facilities, one giant leap for technology assu... One small step for Cyber Resilience Test Facilities, one ...
NCSC Feed
Designing safer links: secure connectivity for operationa...
Designing safer links: secure connectivity for operational technology. New principles h... Designing safer links: secure connectivity for operationa...
NCSC Feed
The Government Cyber Action Plan: strengthening resilienc...
The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, th... The Government Cyber Action Plan: strengthening resilienc...
NCSC Feed
Cyber deception trials: what we’ve learned so far. An upd...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to te... Cyber deception trials: what we’ve learned so far. An upd...
NCSC Feed
Prompt injection is not SQL injection (it may be worse). ...
Prompt injection is not SQL injection (it may be worse). There are crucial differences ... Prompt injection is not SQL injection (it may be worse). ...
NCSC Feed
Provisioning and managing certificates in the Web PKI. Ho...
Provisioning and managing certificates in the Web PKI. How service owners should secure... Provisioning and managing certificates in the Web PKI. Ho...
NCSC Feed
Updating our guidance on security certificates, TLS and I...
Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 k... Updating our guidance on security certificates, TLS and I...
NCSC Feed
Building trust in the digital age: a collaborative approa...
Building trust in the digital age: a collaborative approach to content provenance techn... Building trust in the digital age: a collaborative approa...
NCSC Feed
What makes a responsible cyber actor: introducing the Pal...
What makes a responsible cyber actor: introducing the Pall Mall industry consultation o... What makes a responsible cyber actor: introducing the Pal...
NCSC Feed

Historical Trends

New cloud guidance: how to 'lift and shift' successfully. Henry O discusses the pitfalls of performing a basic ‘lift and shift’ cloud migration.
New cloud guidance: how to 'lift and shift' successfully. Henry O discusses the pitfall... New cloud guidance: how to 'lift and shift' successfully....
NCSC Feed
Drawing good architecture diagrams. Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.
Drawing good architecture diagrams. Some tips on good diagram drafting and pitfalls to ... Drawing good architecture diagrams. Some tips on good dia...
NCSC Feed
The future of telecoms in the UK. NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.
The future of telecoms in the UK. NCSC Technical Director Dr Ian Levy explains how the ... The future of telecoms in the UK. NCSC Technical Director...
NCSC Feed
Studies in secure system design. Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles.
Studies in secure system design. Worked examples for Operational Technology and Virtual... Studies in secure system design. Worked examples for Oper...
NCSC Feed
Zero trust: building a mixed estate. Two ways organisations can enable access and maintain the security benefits of zero trust even when parts of the infrastructure can't implement the zero trust principles.
Zero trust: building a mixed estate. Two ways organisations can enable access and maint... Zero trust: building a mixed estate. Two ways organisatio...
NCSC Feed
Transaction Monitoring for online services. This guidance is aimed at service owners and security specialists involved in the provision of online services.
Transaction Monitoring for online services. This guidance is aimed at service owners an... Transaction Monitoring for online services. This guidance...
NCSC Feed
'NCSC Cyber Series' podcast now available. Listen to all five episodes now, covering a wide range of cyber security topics.
'NCSC Cyber Series' podcast now available. Listen to all five episodes now, covering a ... 'NCSC Cyber Series' podcast now available. Listen to all ...
NCSC Feed
Preserving integrity in the age of generative AI. New ‘Content Credentials’ guidance from the NSA seeks to counter the erosion of trust.
Preserving integrity in the age of generative AI. New ‘Content Credentials’ guidance f... Preserving integrity in the age of generative AI. New ‘C...
NCSC Feed
Eradicating trivial vulnerabilities, at scale. A new NCSC research paper aims to reduce the presence of ‘unforgivable’ vulnerabilities.
Eradicating trivial vulnerabilities, at scale. A new NCSC research paper aims to reduce... Eradicating trivial vulnerabilities, at scale. A new NCSC...
NCSC Feed
ACD 2.0 exploration into attack surface management completed. We thank participants and look forward to sharing what we've learned.
ACD 2.0 exploration into attack surface management completed. We thank participants and... ACD 2.0 exploration into attack surface management comple...
NCSC Feed
Passkeys: they're not perfect but they're getting better. Passkeys are the future of authentication, offering enhanced security and convenience over passwords, but widespread adoption faces challenges that the NCSC is working to resolve.
Passkeys: they're not perfect but they're getting better. Passkeys are the future of au... Passkeys: they're not perfect but they're getting better....
NCSC Feed
Passkeys: the promise of a simpler and safer alternative to passwords. The merits of choosing passkeys over passwords to help keep your online accounts more secure, and explaining how the technology promises to do this.
Passkeys: the promise of a simpler and safer alternative to passwords. The merits of ch... Passkeys: the promise of a simpler and safer alternative ...
NCSC Feed
Revolutionising identity services using AI. The ‘NCSC for Startups’ alumnus giving identity verification the 'Trust Stamp'.
Revolutionising identity services using AI. The ‘NCSC for Startups’ alumnus giving iden... Revolutionising identity services using AI. The ‘NCSC for...
NCSC Feed
NCSC For Startups: taking on malvertising. Can your startup help counter the rise of malicious advertising?.
NCSC For Startups: taking on malvertising. Can your startup help counter the rise of ma... NCSC For Startups: taking on malvertising. Can your start...
NCSC Feed
Applying the Cloud Security Principles in practice: a case study. Using the Cloud Security Principles to evaluate the suitability of a cloud service.
Applying the Cloud Security Principles in practice: a case study. Using the Cloud Secur... Applying the Cloud Security Principles in practice: a cas...
NCSC Feed
Assured Cyber Incident Response scheme – important updates. We’ve updated the CIR 'Enhanced Level' scheme standard and will be ready to accept applications in the new year.
Assured Cyber Incident Response scheme – important updates. We’ve updated the CIR 'Enha... Assured Cyber Incident Response scheme – important update...
NCSC Feed
Making the UK the safest place to live and do business online. The NCSC's Chief Executive Ciaran Martin outlines why the UK needs a National Cyber Security Centre.
Making the UK the safest place to live and do business online. The NCSC's Chief Executi... Making the UK the safest place to live and do business on...
NCSC Feed
Three random words or #thinkrandom. Ian M discusses what makes a good password.
Three random words or #thinkrandom. Ian M discusses what makes a good password. Three random words or #thinkrandom. Ian M discusses what ...
NCSC Feed
What does the NCSC think of password managers?. Emma W discusses the question everyone keeps asking us.
What does the NCSC think of password managers?. Emma W discusses the question everyone ... What does the NCSC think of password managers?. Emma W di...
NCSC Feed
Ransomware: 'WannaCry' guidance for home users and small businesses. Guidance for home users or small businesses who want to reduce the likelihood of being held to ransom by WannaCry (or other types of ransomware).
Ransomware: 'WannaCry' guidance for home users and small businesses. Guidance for home ... Ransomware: 'WannaCry' guidance for home users and small ...
NCSC Feed
What is an antivirus product? Do I need one?. Detect and prevent malicious software and viruses on your computer or laptop.
What is an antivirus product? Do I need one?. Detect and prevent malicious software and... What is an antivirus product? Do I need one?. Detect and ...
NCSC Feed
Terminology: it's not black and white. The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why.
Terminology: it's not black and white. The NCSC now uses 'allow list' and 'deny list' i... Terminology: it's not black and white. The NCSC now uses ...
NCSC Feed
Video conferencing services: using them securely. How to set up and use video conferencing services, such as Zoom and Skype, safely and securely.
Video conferencing services: using them securely. How to set up and use video conferenc... Video conferencing services: using them securely. How to ...
NCSC Feed
Secure home working on personal IT. Useful tips and resources for people using personal IT to work from home.
Secure home working on personal IT. Useful tips and resources for people using personal... Secure home working on personal IT. Useful tips and resou...
NCSC Feed
CyberFirst industries support CyberTV for students. Cyber security-themed videos, blogs and interviews from industry experts are supporting students and teachers.
CyberFirst industries support CyberTV for students. Cyber security-themed videos, blogs... CyberFirst industries support CyberTV for students. Cyber...
NCSC Feed
New guidance for practitioners supporting victims of 'domestic cyber crime'. The NCSC produces advice for practitioners working with victims who are being tracked, stalked, or virtually monitored.
New guidance for practitioners supporting victims of 'domestic cyber crime'. The NCSC p... New guidance for practitioners supporting victims of 'dom...
NCSC Feed
Accessibility as a cyber security priority. Want security that works better for people? Make it accessible.
Accessibility as a cyber security priority. Want security that works better for people?... Accessibility as a cyber security priority. Want security...
NCSC Feed
QR Codes - what's the real risk?. How safe is it to scan that QR code in the pub? Or in that email?.
QR Codes - what's the real risk?. How safe is it to scan that QR code in the pub? Or in... QR Codes - what's the real risk?. How safe is it to scan ...
NCSC Feed
Smart devices: new law helps citizens to choose secure products. Download the NCSC’s point-of-sale leaflet explaining how new PSTI regulation affects consumers and retailers.
Smart devices: new law helps citizens to choose secure products. Download the NCSC’s po... Smart devices: new law helps citizens to choose secure pr...
NCSC Feed
Telling users to ‘avoid clicking bad links’ still isn’t working. Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.
Telling users to ‘avoid clicking bad links’ still isn’t working. Why organisations shou... Telling users to ‘avoid clicking bad links’ still isn’t w...
NCSC Feed
A decade of Cyber Essentials: the journey towards a safer digital future. The 10-year anniversary of Cyber Essentials is not just a celebration of past achievements but a call to action for the future.
A decade of Cyber Essentials: the journey towards a safer digital future. The 10-year a... A decade of Cyber Essentials: the journey towards a safer...
NCSC Feed
Helping banish malicious adverts – and drive a secure advertising ecosystem. If your brand uses digital advertising, the NCSC has new guidance to help you choose a security-minded partner.
Helping banish malicious adverts – and drive a secure advertising ecosystem. If your br... Helping banish malicious adverts – and drive a secure adv...
NCSC Feed
Cyber Resilience Audit (CRA) scheme launches for assured CAF-based audits. NCSC-assured CRA service now offering Cyber Assessment Framework based audits and more applications invited from potential service providers.
Cyber Resilience Audit (CRA) scheme launches for assured CAF-based audits. NCSC-assured... Cyber Resilience Audit (CRA) scheme launches for assured ...
NCSC Feed
The threat from commercial cyber proliferation. Report informing readers about the threat to UK industry and society from commercial cyber tools and services.
The threat from commercial cyber proliferation. Report informing readers about the thre... The threat from commercial cyber proliferation. Report in...
NCSC Feed
Cyber Essentials: are there any alternative standards?. Can an equivalent cyber security standard deliver the same outcomes as the NCSC’s Cyber Essentials scheme?.
Cyber Essentials: are there any alternative standards?. Can an equivalent cyber securit... Cyber Essentials: are there any alternative standards?. C...
NCSC Feed
'PDNS for Schools' to provide cyber resilience for more institutions. The NCSC’s ‘Protective Domain Name Service for Schools’ scaled-up to protect a wider range of organisations.
'PDNS for Schools' to provide cyber resilience for more institutions. The NCSC’s ‘Prote... 'PDNS for Schools' to provide cyber resilience for more i...
NCSC Feed
Not all types of MFA are created equal. Our updated multi-factor authentication (MFA) guidance recommends organisations use techniques that give better protection against phishing attacks.
Not all types of MFA are created equal. Our updated multi-factor authentication (MFA) g... Not all types of MFA are created equal. Our updated multi...
NCSC Feed
How to talk to board members about cyber. New guidance helps CISOs communicate with Boards to improve oversight of cyber risk.
How to talk to board members about cyber. New guidance helps CISOs communicate with Boa... How to talk to board members about cyber. New guidance he...
NCSC Feed
Celebrating eight years of being the NCSC – a part of GCHQ. As Felicity Oswald hands over to the new NCSC CEO, she reflects on why cyber security and intelligence are so connected.
Celebrating eight years of being the NCSC – a part of GCHQ. As Felicity Oswald hands ov... Celebrating eight years of being the NCSC – a part of GCH...
NCSC Feed
Protective Monitoring for HMG ICT Systems (GPG 13). Please note that this document is out of date and is provided for historical reference only. It should not be used in the design and operation of new systems.
Protective Monitoring for HMG ICT Systems (GPG 13). Please note that this document is o... Protective Monitoring for HMG ICT Systems (GPG 13). Pleas...
NCSC Feed
SBOMs and the importance of inventory. Can a Software Bill of Materials (SBOM) provide organisations with better insight into their supply chains?.
SBOMs and the importance of inventory. Can a Software Bill of Materials (SBOM) provide ... SBOMs and the importance of inventory. Can a Software Bil...
NCSC Feed
Threats and key takeaways for the legal sector. New NCSC report outlines the growing threat to the legal sector, with recommendations to improve cyber resilience.
Threats and key takeaways for the legal sector. New NCSC report outlines the growing th... Threats and key takeaways for the legal sector. New NCSC ...
NCSC Feed
NCSC’s Cyber Advisor scheme milestone. Cyber Advisor scheme for small organisations welcomes its 100th advisor, but more still needed!.
NCSC’s Cyber Advisor scheme milestone. Cyber Advisor scheme for small organisations wel... NCSC’s Cyber Advisor scheme milestone. Cyber Advisor sche...
NCSC Feed
Digital twins: secure design and development. How existing NCSC guidance can assist those looking to develop and deploy ‘digital twins’.
Digital twins: secure design and development. How existing NCSC guidance can assist tho... Digital twins: secure design and development. How existin...
NCSC Feed
Cyber Resilience Audit scheme open to applications. A new NCSC scheme assuring providers of CAF-based audits is now open for potential members.
Cyber Resilience Audit scheme open to applications. A new NCSC scheme assuring provider... Cyber Resilience Audit scheme open to applications. A new...
NCSC Feed
Post-quantum cryptography: what comes next?. Jeremy B explains how the NCSC will help organisations plan their migration to PQC.
Post-quantum cryptography: what comes next?. Jeremy B explains how the NCSC will help o... Post-quantum cryptography: what comes next?. Jeremy B exp...
NCSC Feed
Navigating the different cyber services from the NCSC. If you don’t have the inhouse expertise to keep your organisation cyber secure, the NCSC offers services and tools to help organisations guard against commodity threats.
Navigating the different cyber services from the NCSC. If you don’t have the inhouse ex... Navigating the different cyber services from the NCSC. If...
NCSC Feed
Introducing Active Cyber Defence 2.0. ACD 2.0 aims to build the next generation of services in partnership with industry and academia.
Introducing Active Cyber Defence 2.0. ACD 2.0 aims to build the next generation of serv... Introducing Active Cyber Defence 2.0. ACD 2.0 aims to bui...
NCSC Feed
Building a nation-scale evidence base for cyber deception. The NCSC is inviting UK organisations to contribute evidence of cyber deception use cases and efficacy to support our long-term research goals.
Building a nation-scale evidence base for cyber deception. The NCSC is inviting UK orga... Building a nation-scale evidence base for cyber deception...
NCSC Feed
Looking back at the ballot – securing the general election. NCSC CEO Felicity Oswald shares reflections on keeping the 2024 General Election safe.
Looking back at the ballot – securing the general election. NCSC CEO Felicity Oswald sh... Looking back at the ballot – securing the general electio...
NCSC Feed