1. Home
  2. Ncsc Feed

Buzz & Beyond: Ncsc feed

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.
Trending

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.
Source: NCSC Feed
Published: Jan, 07 2026 13:16

With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.

Continue reading...

Cyber deception trials: what we’ve le...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of ... Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.
NCSC Feed
Prompt injection is not SQL injection...
Prompt injection is not SQL injection (it may be worse). There are crucial differences between prompt and SQL injecti... Prompt injection is not SQL injection (it may be worse). There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.
NCSC Feed
Provisioning and managing certificate...
Provisioning and managing certificates in the Web PKI. How service owners should securely provision and manage certif... Provisioning and managing certificates in the Web PKI. How service owners should securely provision and manage certificates in the Web PKI.
NCSC Feed
Updating our guidance on security cer...
Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 key pieces of cryptographic gui... Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 key pieces of cryptographic guidance. Here, we explain the changes.
NCSC Feed
Building trust in the digital age: a ...
Building trust in the digital age: a collaborative approach to content provenance technologies. Joint NCSC and Canadi... Building trust in the digital age: a collaborative approach to content provenance technologies. Joint NCSC and Canadian Centre for Cyber Security primer helps organisations understand emerging technologies that can help maintain trust in their public-facing information.
NCSC Feed
What makes a responsible cyber actor:...
What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practice. Calling vulne... What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practice. Calling vulnerability researchers, exploit developers and others in the offensive cyber industry to share their views.
NCSC Feed

Most Viewed

The Government Cyber Action Plan: strengthening resilienc...
The Government Cyber Action Plan: strengthening resilience across the UK. With GCAP, th... The Government Cyber Action Plan: strengthening resilienc...
NCSC Feed
Cyber deception trials: what we’ve learned so far. An upd...
Cyber deception trials: what we’ve learned so far. An update on the NCSC's trials to te... Cyber deception trials: what we’ve learned so far. An upd...
NCSC Feed
Prompt injection is not SQL injection (it may be worse). ...
Prompt injection is not SQL injection (it may be worse). There are crucial differences ... Prompt injection is not SQL injection (it may be worse). ...
NCSC Feed
Provisioning and managing certificates in the Web PKI. Ho...
Provisioning and managing certificates in the Web PKI. How service owners should secure... Provisioning and managing certificates in the Web PKI. Ho...
NCSC Feed
Updating our guidance on security certificates, TLS and I...
Updating our guidance on security certificates, TLS and IPsec. The NCSC has updated 3 k... Updating our guidance on security certificates, TLS and I...
NCSC Feed
Building trust in the digital age: a collaborative approa...
Building trust in the digital age: a collaborative approach to content provenance techn... Building trust in the digital age: a collaborative approa...
NCSC Feed
What makes a responsible cyber actor: introducing the Pal...
What makes a responsible cyber actor: introducing the Pall Mall industry consultation o... What makes a responsible cyber actor: introducing the Pal...
NCSC Feed
It's time for all small businesses to act. The NCSC’s Cyb...
It's time for all small businesses to act. The NCSC’s Cyber Action Toolkit helps you to... It's time for all small businesses to act. The NCSC’s Cyb...
NCSC Feed
NCSC handing over the baton of smart meter security: a de...
NCSC handing over the baton of smart meter security: a decade of progress. Why transfer... NCSC handing over the baton of smart meter security: a de...
NCSC Feed
Choosing a managed service provider (MSP). An SME’s guide...
Choosing a managed service provider (MSP). An SME’s guide to selecting and working with... Choosing a managed service provider (MSP). An SME’s guide...
NCSC Feed
Cyber Action Toolkit: breaking down the barriers to resil...
Cyber Action Toolkit: breaking down the barriers to resilience. How the NCSC’s ‘Cyber A... Cyber Action Toolkit: breaking down the barriers to resil...
NCSC Feed
NCSC to retire Web Check and Mail Check. By 31 March 2026...
NCSC to retire Web Check and Mail Check. By 31 March 2026, organisations should have al... NCSC to retire Web Check and Mail Check. By 31 March 2026...
NCSC Feed

Historical Trends

Spotlight on shadow IT. New guidance to help organisations manage rogue devices and services within the enterprise.
Spotlight on shadow IT. New guidance to help organisations manage rogue devices and ser... Spotlight on shadow IT. New guidance to help organisation...
NCSC Feed
ACD - The Sixth Year. Key findings and full report from the 6th year of the Active Cyber Defence (ACD) programme.
ACD - The Sixth Year. Key findings and full report from the 6th year of the Active Cybe... ACD - The Sixth Year. Key findings and full report from t...
NCSC Feed
To SOC or not to SOC ?. For environments that are secure by design, a 'full-fat SOC' is not always required.
To SOC or not to SOC ?. For environments that are secure by design, a 'full-fat SOC' is... To SOC or not to SOC ?. For environments that are secure ...
NCSC Feed
Active Cyber Defence: Sixth annual report now available. New ACD services developed to help protect SMEs from the harms caused by cyber attacks.
Active Cyber Defence: Sixth annual report now available. New ACD services developed to ... Active Cyber Defence: Sixth annual report now available. ...
NCSC Feed
New techniques added to the NCSC’s ‘risk management toolbox’. Refreshed guidance published to help practitioners manage cyber risk.
New techniques added to the NCSC’s ‘risk management toolbox’. Refreshed guidance publis... New techniques added to the NCSC’s ‘risk management toolb...
NCSC Feed
Cyber Threat Report: UK Legal Sector. An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.
Cyber Threat Report: UK Legal Sector. An updated report from the NCSC explaining how UK... Cyber Threat Report: UK Legal Sector. An updated report f...
NCSC Feed
Protecting how you administer cloud services. New advice on implementing high-risk and ‘break-glass’ accesses in cloud services.
Protecting how you administer cloud services. New advice on implementing high-risk and ... Protecting how you administer cloud services. New advice ...
NCSC Feed
Early Warning is joining MyNCSC. Early Warning, one of the NCSC’s flagship ACD services, will be soon be migrated to the MyNCSC platform. Here we explain the background and what users can expect.
Early Warning is joining MyNCSC. Early Warning, one of the NCSC’s flagship ACD services... Early Warning is joining MyNCSC. Early Warning, one of th...
NCSC Feed
Leveraging NCSC’s national insight to strengthen the fight against mobile threats. Traced Mobile Security co-founder Benedict Jones describes how 'NCSC for Startups' helped evolve his business.
Leveraging NCSC’s national insight to strengthen the fight against mobile threats. Trac... Leveraging NCSC’s national insight to strengthen the figh...
NCSC Feed
Why more transparency around cyber attacks is a good thing for everyone.
Why more transparency around cyber attacks is a good thing for everyone. Why more transparency around cyber attacks is a good thin...
NCSC Feed
Introducing Cyber Advisors. Launching a new Industry Assurance scheme aimed at helping the UK’s small organisations.
Introducing Cyber Advisors. Launching a new Industry Assurance scheme aimed at helping ... Introducing Cyber Advisors. Launching a new Industry Assu...
NCSC Feed
Protect your management interfaces. Why it's important to protect the interfaces used to manage your infrastructure, and some recommendations on how you might do this.
Protect your management interfaces. Why it's important to protect the interfaces used t... Protect your management interfaces. Why it's important to...
NCSC Feed
Zero trust migration: How will I know if I can remove my VPN?. In our third blog about migrating to a zero trust architecture, we consider the security properties of an Always On VPN, and the factors to consider when deciding if you no longer need one.
Zero trust migration: How will I know if I can remove my VPN?. In our third blog about ... Zero trust migration: How will I know if I can remove my ...
NCSC Feed
NCSC for Startups: an ecosystem-based approach to cyber security. Andrew Roughan, CEO of the NCSC’s innovation partner Plexal, explains why a whole-of-society approach is vital for cyber security innovation.
NCSC for Startups: an ecosystem-based approach to cyber security. Andrew Roughan, CEO o... NCSC for Startups: an ecosystem-based approach to cyber s...
NCSC Feed
Using MSPs to administer your cloud services. Andrew A explains what you must check before giving Managed Service Providers (MSPs) the keys to your kingdom.
Using MSPs to administer your cloud services. Andrew A explains what you must check bef... Using MSPs to administer your cloud services. Andrew A ex...
NCSC Feed
How the NCSC thinks about security architecture. Richard C explains how an understanding of vulnerabilities - and their exploitation - informs how the NCSC assesses the security of computer systems.
How the NCSC thinks about security architecture. Richard C explains how an understandin... How the NCSC thinks about security architecture. Richard ...
NCSC Feed
Principles and how they can help us with assurance. Explaining the forthcoming NCSC Technology Assurance Principles.
Principles and how they can help us with assurance. Explaining the forthcoming NCSC Tec... Principles and how they can help us with assurance. Expla...
NCSC Feed
NCSC For Startups: Vistalworks cracking down on illicit trade. Vicky Brock of Vistalworks describes how the 'NCSC For Startups' programme has helped her organisation develop solutions to tackle illicit online trade.
NCSC For Startups: Vistalworks cracking down on illicit trade. Vicky Brock of Vistalwor... NCSC For Startups: Vistalworks cracking down on illicit t...
NCSC Feed
NCSC for Startups: the case for collaboration. Saj Huq of Plexal explains why collaboration with the NCSC brings opportunities to the cyber security sector.
NCSC for Startups: the case for collaboration. Saj Huq of Plexal explains why collabora... NCSC for Startups: the case for collaboration. Saj Huq of...
NCSC Feed
"Winning trust, and making powerful connections". Chris Wallis, CEO of Intruder, explains how completing the NCSC's Startup Programme was a turning point for his organisation.
"Winning trust, and making powerful connections". Chris Wallis, CEO of Intruder, explai... "Winning trust, and making powerful connections". Chris W...
NCSC Feed
Protect your customers to protect your brand. New guidance to protect your brand from being exploited online, and to help you choose alternate authentication models.
Protect your customers to protect your brand. New guidance to protect your brand from b... Protect your customers to protect your brand. New guidanc...
NCSC Feed
Takedown: removing malicious content to protect your brand. How to protect your brand from being exploited online.
Takedown: removing malicious content to protect your brand. How to protect your brand f... Takedown: removing malicious content to protect your bran...
NCSC Feed
The security benefits of modern collaboration in the cloud. By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.
The security benefits of modern collaboration in the cloud. By exploiting cloud service... The security benefits of modern collaboration in the clou...
NCSC Feed
The problems with forcing regular password expiry. Why the NCSC decided to advise against this long-established security guideline.
The problems with forcing regular password expiry. Why the NCSC decided to advise again... The problems with forcing regular password expiry. Why th...
NCSC Feed
Log4j vulnerability: what should boards be asking?. Advice for board members of medium to large organisations that are at risk from the Apache Log4j vulnerability.
Log4j vulnerability: what should boards be asking?. Advice for board members of medium ... Log4j vulnerability: what should boards be asking?. Advic...
NCSC Feed
The rise of ransomware. Toby L, Technical Lead for Incident Management, explains how modern-day ransomware attacks are evolving.
The rise of ransomware. Toby L, Technical Lead for Incident Management, explains how mo... The rise of ransomware. Toby L, Technical Lead for Incide...
NCSC Feed
How Rebellion Defence used NCSC For Startups to accelerate product development. Unparalleled access to skilled users transformed Rebellion Defence’s product roadmap.
How Rebellion Defence used NCSC For Startups to accelerate product development. Unparal... How Rebellion Defence used NCSC For Startups to accelerat...
NCSC Feed
TLS 1.3: better for individuals - harder for enterprises. The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.
TLS 1.3: better for individuals - harder for enterprises. The NCSC's technical director... TLS 1.3: better for individuals - harder for enterprises....
NCSC Feed
'WannaCry' ransomware: guidance updates. Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.
'WannaCry' ransomware: guidance updates. Jon L provides an update on the NCSC's guidanc... 'WannaCry' ransomware: guidance updates. Jon L provides a...
NCSC Feed
Spray you, spray me: defending against password spraying attacks. Andy P summarises how organisations can protect users' accounts from password spraying.
Spray you, spray me: defending against password spraying attacks. Andy P summarises how... Spray you, spray me: defending against password spraying ...
NCSC Feed
Cyber security for schools. New NCSC training package to help schools improve their cyber security.
Cyber security for schools. New NCSC training package to help schools improve their cyb... Cyber security for schools. New NCSC training package to ...
NCSC Feed
Bring Your Own Device: How to do it well. Updated NCSC guidance on enabling your staff to use their own devices for work.
Bring Your Own Device: How to do it well. Updated NCSC guidance on enabling your staff ... Bring Your Own Device: How to do it well. Updated NCSC gu...
NCSC Feed
CNI system design: Secure Remote Access. A Critical National Infrastructure (CNI)-specific look at NCSC guidance on remote access architecture design.
CNI system design: Secure Remote Access. A Critical National Infrastructure (CNI)-speci... CNI system design: Secure Remote Access. A Critical Natio...
NCSC Feed
Using secure messaging, voice and collaboration apps. What organisations should think about before choosing apps for secure communications and collaboration.
Using secure messaging, voice and collaboration apps. What organisations should think a... Using secure messaging, voice and collaboration apps. Wha...
NCSC Feed
NCSC For Startups: the feedback loop. How startups can make the most of their time when pitching to cyber security experts.
NCSC For Startups: the feedback loop. How startups can make the most of their time when... NCSC For Startups: the feedback loop. How startups can ma...
NCSC Feed
ACD - The Fifth Year. Key findings from the 5th year of the Active Cyber Defence (ACD) programme.
ACD - The Fifth Year. Key findings from the 5th year of the Active Cyber Defence (ACD) ... ACD - The Fifth Year. Key findings from the 5th year of t...
NCSC Feed
Mythbusting cloud key management services. Why trying to avoid trusting the KMS doesn't make sense (and other common misconceptions).
Mythbusting cloud key management services. Why trying to avoid trusting the KMS doesn't... Mythbusting cloud key management services. Why trying to ...
NCSC Feed
Relaunching the NCSC's Cloud security guidance collection. Andrew A explains what's new in a significant update to the NCSC's flagship cloud guidance.
Relaunching the NCSC's Cloud security guidance collection. Andrew A explains what's new... Relaunching the NCSC's Cloud security guidance collection...
NCSC Feed
Threat report on application stores. This report outlines the risks associated with the use of official and third party app stores.
Threat report on application stores. This report outlines the risks associated with the... Threat report on application stores. This report outlines...
NCSC Feed
Malware analysis report on SparrowDoor malware. A technical analysis of a new variant of the SparrowDoor malware.
Malware analysis report on SparrowDoor malware. A technical analysis of a new variant o... Malware analysis report on SparrowDoor malware. A technic...
NCSC Feed
Vendor Security Assessment. Assessing the security of network equipment.
Vendor Security Assessment. Assessing the security of network equipment. Vendor Security Assessment. Assessing the security of net...
NCSC Feed
The Cyber Assessment Framework 3.1. Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
The Cyber Assessment Framework 3.1. Latest version of the CAF focusses on clarification... The Cyber Assessment Framework 3.1. Latest version of the...
NCSC Feed
Motivating developers to write secure code. The 'Motivating Jenny' project is helping to change the conversation about security in software development.
Motivating developers to write secure code. The 'Motivating Jenny' project is helping t... Motivating developers to write secure code. The 'Motivati...
NCSC Feed
Common Cyber Attacks: Reducing the Impact. This white paper explains how basic security controls can protect organisations from the most common cyber attacks.
Common Cyber Attacks: Reducing the Impact. This white paper explains how basic security... Common Cyber Attacks: Reducing the Impact. This white pap...
NCSC Feed
Using IPsec to protect data. Guidance for organisations wishing to deploy products that use IPsec.
Using IPsec to protect data. Guidance for organisations wishing to deploy products that... Using IPsec to protect data. Guidance for organisations w...
NCSC Feed
Introducing Scanning Made Easy. Trial project makes vulnerability scanning easier.
Introducing Scanning Made Easy. Trial project makes vulnerability scanning easier. Introducing Scanning Made Easy. Trial project makes vulne...
NCSC Feed
We think Cyber Essentials is, well, still essential . ...and that's why we are making some changes. Anne W summarises what they are, and explains the thinking behind them.
We think Cyber Essentials is, well, still essential . ...and that's why we are making s... We think Cyber Essentials is, well, still essential . ......
NCSC Feed
Zero Trust migration: where do I start?. How to start the journey to zero trust architecture once you have decided it meets your business requirements.
Zero Trust migration: where do I start?. How to start the journey to zero trust archite... Zero Trust migration: where do I start?. How to start the...
NCSC Feed
Why vulnerabilities are like buses. How organisations can address the growing trend in which multiple vulnerabilities within a single product are exploited over a short period.
Why vulnerabilities are like buses. How organisations can address the growing trend in ... Why vulnerabilities are like buses. How organisations can...
NCSC Feed
Protecting internet-facing services on public service CNI. How operators of critical national infrastructure (CNI) can use NCSC guidance and blogs to secure their internet-facing services.
Protecting internet-facing services on public service CNI. How operators of critical na... Protecting internet-facing services on public service CNI...
NCSC Feed