Buzz & Beyond: Ncsc feed

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Trending

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Improving your response to vulnerability management. How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Source: NCSC Feed

Published: Feb, 09 2026 20:24

How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.

Continue reading...

Can you help the NCSC with the next p...

Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface... Can you help the NCSC with the next phase of EASM research?. Organisations with experience in external attack surface management can help us shape future ACD 2.0 services.

Cloud Security Posture Management: si...

Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. ... Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?. CSPM tools are big business. Could they be the answer to your cloud configuration problems?.

One small step for Cyber Resilience T...

One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organ... One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance. CRTFs are helping organisations to make informed, risk-based decisions on the adoption of technology products.

Designing safer links: secure connect...

Designing safer links: secure connectivity for operational technology. New principles help organisations to design, r... Designing safer links: secure connectivity for operational technology. New principles help organisations to design, review, and secure connectivity to (and within) OT systems.

The Government Cyber Action Plan: str...

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking deci... The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

Cyber deception trials: what we’ve le...

Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of ... Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.

Most Viewed

Improving your response to vulnerability management. How ...

Improving your response to vulnerability management. How to ensure the ‘organisational ... Improving your response to vulnerability management. How ...

Can you help the NCSC with the next phase of EASM researc...

Can you help the NCSC with the next phase of EASM research?. Organisations with experie... Can you help the NCSC with the next phase of EASM researc...

Cloud Security Posture Management: silver bullet or anoth...

Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?.... Cloud Security Posture Management: silver bullet or anoth...

One small step for Cyber Resilience Test Facilities, one ...

One small step for Cyber Resilience Test Facilities, one giant leap for technology assu... One small step for Cyber Resilience Test Facilities, one ...

Designing safer links: secure connectivity for operationa...

Designing safer links: secure connectivity for operational technology. New principles h... Designing safer links: secure connectivity for operationa...

The Government Cyber Action Plan: strengthening resilienc...

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, th... The Government Cyber Action Plan: strengthening resilienc...

Cyber deception trials: what we’ve learned so far. An upd...

Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to te... Cyber deception trials: what we’ve learned so far. An upd...

Prompt injection is not SQL injection (it may be worse). ...

Prompt injection is not SQL injection (it may be worse). There are crucial differences ... Prompt injection is not SQL injection (it may be worse). ...

Provisioning and managing certificates in the Web PKI. Ho...

Provisioning and managing certificates in the Web PKI. How service owners should secure... Provisioning and managing certificates in the Web PKI. Ho...

Updating our guidance on security certificates, TLS and I...

Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 k... Updating our guidance on security certificates, TLS and I...

Building trust in the digital age: a collaborative approa...

Building trust in the digital age: a collaborative approach to content provenance techn... Building trust in the digital age: a collaborative approa...

What makes a responsible cyber actor: introducing the Pal...

What makes a responsible cyber actor: introducing the Pall Mall industry consultation o... What makes a responsible cyber actor: introducing the Pal...

Historical Trends

New cyber security training packages launched to manage supply chain risk. NCSC publishes free e-learning to help organisations manage the cyber security risks across their supply chains.

New cyber security training packages launched to manage supply chain risk. NCSC publish... New cyber security training packages launched to manage s...

NCSC Feed

Artificial Intelligence: 'call for views' on the cyber security of AI closes soon. Businesses, academia and international partners invited to respond to the UK government's ‘call for views’ on the security of AI.

Artificial Intelligence: 'call for views' on the cyber security of AI closes soon. Busi... Artificial Intelligence: 'call for views' on the cyber se...

NCSC Feed

New legislation will help counter the cyber threat to our essential services. The announcement of the Cyber Security and Resilience Bill is a landmark moment in tackling the growing threat to the UK's critical systems.

New legislation will help counter the cyber threat to our essential services. The annou... New legislation will help counter the cyber threat to our...

NCSC Feed

Using TLS to protect data. Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.

Using TLS to protect data. Recommended profiles to securely configure TLS for the most ... Using TLS to protect data. Recommended profiles to secure...

NCSC Feed

"If you have knowledge, let others light their candles in it.". Why sharing lessons learned from cyber security incidents and ‘near misses’ will help everyone to improve.

"If you have knowledge, let others light their candles in it.". Why sharing lessons lea... "If you have knowledge, let others light their candles in...

NCSC Feed

Cyber Essentials 'Pathways': From experiment to proof of concept. We are encouraging large organisations to help us develop an alternative route to certification.

Cyber Essentials 'Pathways': From experiment to proof of concept. We are encouraging la... Cyber Essentials 'Pathways': From experiment to proof of ...

NCSC Feed

Raising the cyber resilience of software 'at scale'. New ‘Code of Practice for Software Vendors’ will ensure that security is fundamental to developing and distributing products and services.

Raising the cyber resilience of software 'at scale'. New ‘Code of Practice for Software... Raising the cyber resilience of software 'at scale'. New ...

NCSC Feed

Offline backups in an online world. How to protect your backups that are stored in the public cloud.

Offline backups in an online world. How to protect your backups that are stored in the ... Offline backups in an online world. How to protect your b...

NCSC Feed

Introducing PDNS for Schools. Launching the first phase rollout of a protective DNS service for schools.

Introducing PDNS for Schools. Launching the first phase rollout of a protective DNS ser... Introducing PDNS for Schools. Launching the first phase r...

NCSC Feed

Use of Russian technology products and services following the invasion of Ukraine. Cyber security – even in a time of global unrest – remains a balance of different risks. Ian Levy, the NCSC's Technical Director, explains why.

Use of Russian technology products and services following the invasion of Ukraine. Cybe... Use of Russian technology products and services following...

NCSC Feed

Machine learning security principles updated. Revised principles will help people make the right security decisions when developing systems with AI/ML components.

Machine learning security principles updated. Revised principles will help people make ... Machine learning security principles updated. Revised pri...

NCSC Feed

Business email compromise: new guidance to protect your organisation. How to disrupt targeted phishing attacks aimed at senior executives or budget holders.

Business email compromise: new guidance to protect your organisation. How to disrupt ta... Business email compromise: new guidance to protect your o...

NCSC Feed

Introducing the NCSC's ‘Share and Defend’ capability. Join the community of service providers helping to protect the UK from cyber attacks.

Introducing the NCSC's ‘Share and Defend’ capability. Join the community of service pro... Introducing the NCSC's ‘Share and Defend’ capability. Joi...

NCSC Feed

Decrypting diversity: Diversity and inclusion in cyber security report 2020. Joint report between the NCSC and KPMG UK is the first in a series to benchmark and track levels of diversity and inclusion in the cyber security industry.

Decrypting diversity: Diversity and inclusion in cyber security report 2020. Joint repo... Decrypting diversity: Diversity and inclusion in cyber se...

NCSC Feed

Decrypting diversity: Diversity and inclusion in cyber security report 2021. The 2nd joint report between the NCSC and KPMG UK benchmarks against the 2020 findings to gauge what progress has been made.

Decrypting diversity: Diversity and inclusion in cyber security report 2021. The 2nd jo... Decrypting diversity: Diversity and inclusion in cyber se...

NCSC Feed

Advanced Mobile Solutions (AMS) guidance trailer. Chris P explains how AMS will enable high-threat organisations to stay connected ‘on the go'.

Advanced Mobile Solutions (AMS) guidance trailer. Chris P explains how AMS will enable ... Advanced Mobile Solutions (AMS) guidance trailer. Chris P...

NCSC Feed

Video conferencing services: security guidance for organisations. Guidance to help you to choose, configure and deploy video conferencing services such as Zoom and Skype within your organisation.

Video conferencing services: security guidance for organisations. Guidance to help you ... Video conferencing services: security guidance for organi...

NCSC Feed

Cyber Assessment Framework 3.2. Latest version of the CAF reflects the increased threat to critical national infrastructure.

Cyber Assessment Framework 3.2. Latest version of the CAF reflects the increased threat... Cyber Assessment Framework 3.2. Latest version of the CAF...

NCSC Feed

"What's happened to my data?". Irrespective of whether the ransom is paid, a ransomware attack means organisations have lost control of their information.

"What's happened to my data?". Irrespective of whether the ransom is paid, a ransomware... "What's happened to my data?". Irrespective of whether th...

NCSC Feed

Pathways: exploring a new way to achieve Cyber Essentials certification. For large, complex firms struggling with the prescriptiveness of Cyber Essentials, ‘Pathways’ will provide a new route to certification.

Pathways: exploring a new way to achieve Cyber Essentials certification. For large, com... Pathways: exploring a new way to achieve Cyber Essentials...

NCSC Feed

Securing Office 365 with better configuration. How our Office 365 advisory and new security guidance from Microsoft can help protect your cloud services.

Securing Office 365 with better configuration. How our Office 365 advisory and new secu... Securing Office 365 with better configuration. How our Of...

NCSC Feed

Watch all the plenaries from CYBERUK 2024 live, and for free. Key talks from the UK government’s flagship cyber security event will be livestreamed from Birmingham’s ICC.

Watch all the plenaries from CYBERUK 2024 live, and for free. Key talks from the UK gov... Watch all the plenaries from CYBERUK 2024 live, and for f...

NCSC Feed

Interactive administration in the cloud: managing the risks. Tips to help you secure and reduce interactive access to your cloud infrastructure.

Interactive administration in the cloud: managing the risks. Tips to help you secure an... Interactive administration in the cloud: managing the ris...

NCSC Feed

Preparing for the long haul: the cyber threat from Russia. Although the UK has not experienced severe cyber attacks in relation to Russia’s invasion of Ukraine, now is not the time for complacency.

Preparing for the long haul: the cyber threat from Russia. Although the UK has not expe... Preparing for the long haul: the cyber threat from Russia...

NCSC Feed

Funded cyber certification helps small charities to provide legal aid to vulnerable citizens. How the funded Cyber Essentials Programme helped the ‘Law Centres Network’ protect its IT estate - and client data - from cyber attacks.

Funded cyber certification helps small charities to provide legal aid to vulnerable cit... Funded cyber certification helps small charities to provi...

NCSC Feed

SCADA 'in the cloud': new guidance for OT organisations. If migrating SCADA solutions to the cloud, cyber security must be a key consideration for operational technology organisations.

SCADA 'in the cloud': new guidance for OT organisations. If migrating SCADA solutions t... SCADA 'in the cloud': new guidance for OT organisations. ...

NCSC Feed

Products on your perimeter considered harmful (until proven otherwise). As attackers' tactics change, so must network defenders'.

Products on your perimeter considered harmful (until proven otherwise). As attackers' t... Products on your perimeter considered harmful (until prov...

NCSC Feed

Market incentives in the pursuit of resilient software and hardware. A new paper from the ONCD explores how metrics can influence markets to improve the cyber security ecosystem.

Market incentives in the pursuit of resilient software and hardware. A new paper from t... Market incentives in the pursuit of resilient software an...

NCSC Feed

Cyber security governance: the role of the board. As cyber threats evolve, boards must remain vigilant in cyber security governance.

Cyber security governance: the role of the board. As cyber threats evolve, boards must ... Cyber security governance: the role of the board. As cybe...

NCSC Feed

Protecting PBX from cyber attacks. Why small organisations need to manage their private branch exchange (PBX) telephone networks.

Protecting PBX from cyber attacks. Why small organisations need to manage their private... Protecting PBX from cyber attacks. Why small organisation...

NCSC Feed

From the cyber proliferation threat all the way to Pall Mall. The first dedicated conference on this topic – and an insight into the NCSC assessment work behind it.

From the cyber proliferation threat all the way to Pall Mall. The first dedicated confe... From the cyber proliferation threat all the way to Pall M...

NCSC Feed

Unleashing the power of cloud with containerisation. New NCSC guidance describes how organisations can make the most of containerisation.

Unleashing the power of cloud with containerisation. New NCSC guidance describes how or... Unleashing the power of cloud with containerisation. New ...

NCSC Feed

NCSC for Startups: Playing cyber criminals at their own game. CounterCraft's co-founder, Dan Brett, explains how they turn the tables so that social engineering can be used to protect organisations from attackers.

NCSC for Startups: Playing cyber criminals at their own game. CounterCraft's co-founder... NCSC for Startups: Playing cyber criminals at their own g...

NCSC Feed

Landing at the NCSC (glad I brought my towel). Ollie Whitehouse, the NCSC’s new Chief Technology Officer, outlines the cyber security challenges he’ll be prioritising.

Landing at the NCSC (glad I brought my towel). Ollie Whitehouse, the NCSC’s new Chief T... Landing at the NCSC (glad I brought my towel). Ollie Whit...

NCSC Feed

New guidance to help small organisations use online services more securely. How to set up online (or 'cloud') services so they're protected against common cyber attacks.

New guidance to help small organisations use online services more securely. How to set ... New guidance to help small organisations use online servi...

NCSC Feed

The logic behind three random words. Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.

The logic behind three random words. Whilst not a password panacea, using 'three random... The logic behind three random words. Whilst not a passwor...

NCSC Feed

Researching the hard problems in hardware security. Introducing the next chapter of the NCSC research problem book, which aims to inspire research on the biggest impact topics in hardware cyber security.

Researching the hard problems in hardware security. Introducing the next chapter of the... Researching the hard problems in hardware security. Intro...

NCSC Feed

Announcing IASME as our second Delivery Partner for Cyber Incident Response Level 2. Both CIR Delivery Partners are now accepting enquiries and applications.

Announcing IASME as our second Delivery Partner for Cyber Incident Response Level 2. Bo... Announcing IASME as our second Delivery Partner for Cyber...

NCSC Feed

Introducing the guidelines for secure AI. New guidelines will help developers make informed decisions about the design, development, deployment and operation of their AI systems.

Introducing the guidelines for secure AI. New guidelines will help developers make info... Introducing the guidelines for secure AI. New guidelines ...

NCSC Feed

Thanking the vulnerability research community with NCSC Challenge Coins. Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.

Thanking the vulnerability research community with NCSC Challenge Coins. Reflecting on ... Thanking the vulnerability research community with NCSC C...

NCSC Feed

Migrating to post-quantum cryptography. New guidance from the NCSC helps system and risk owners plan their migration to post-quantum cryptography (PQC).

Migrating to post-quantum cryptography. New guidance from the NCSC helps system and ris... Migrating to post-quantum cryptography. New guidance from...

NCSC Feed

AIT fraud: what you need to know. SMS and telephone guidance updated to address the rise in Artificial Inflation of Traffic (AIT).

AIT fraud: what you need to know. SMS and telephone guidance updated to address the ris... AIT fraud: what you need to know. SMS and telephone guida...

NCSC Feed

Logging Made Easy with CISA. The US Cybersecurity and Infrastructure Security Agency have relaunched an updated version of LME.

Logging Made Easy with CISA. The US Cybersecurity and Infrastructure Security Agency ha... Logging Made Easy with CISA. The US Cybersecurity and Inf...

NCSC Feed

Our new principles to help make cloud backups more resilient. Introducing a new set of NCSC principles to strengthen the resilience of organisations' cloud backups from ransomware attackers.

Our new principles to help make cloud backups more resilient. Introducing a new set of ... Our new principles to help make cloud backups more resili...

NCSC Feed

Mastering your supply chain. A new collection of resources from the NCSC can help take your supply chain knowledge to the next level.

Mastering your supply chain. A new collection of resources from the NCSC can help take ... Mastering your supply chain. A new collection of resource...

NCSC Feed

Data-driven cyber: empowering government security with focused insights from data. How 'small but actionable' insights can improve behaviours and decision making.

Data-driven cyber: empowering government security with focused insights from data. How ... Data-driven cyber: empowering government security with fo...

NCSC Feed

Building on our history of cryptographic research. The NCSC has published new cryptographic research on robust cryptography – we explain its significance and how the ideas could support research to inform future global standards.

Building on our history of cryptographic research. The NCSC has published new cryptogra... Building on our history of cryptographic research. The NC...

NCSC Feed

Ransomware and the cyber crime ecosystem. A new white paper examines the rise of 'ransomware as a service' and extortion attacks.

Ransomware and the cyber crime ecosystem. A new white paper examines the rise of 'ranso... Ransomware and the cyber crime ecosystem. A new white pap...

NCSC Feed

Thinking about the security of AI systems. Why established cyber security principles are still important when developing or implementing machine learning models.

Thinking about the security of AI systems. Why established cyber security principles ar... Thinking about the security of AI systems. Why establishe...

NCSC Feed

Exercise caution when building off LLMs. Large Language Models are an exciting technology, but our understanding of them is still 'in beta'.

Exercise caution when building off LLMs. Large Language Models are an exciting technolo... Exercise caution when building off LLMs. Large Language M...

NCSC Feed