- Thinking about the security of AI systems
Why established cyber security principles are still important when developing or implementing […]
- There's a hole in my bucket
...or 'Why do people leave sensitive data in unprotected AWS S3 buckets?'
- The problems with patching
Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in […]
- Ms Kirstine Troldborg new Representative for Denmark at Eurojust
Ms Kirstine Troldborg has taken up her duties as the new Representative for Denmark at Eurojust, […]
- The strength of the ICS COI is the team
Join the Industrial Control System Community of Interest (ICS COI), and help build CNI expertise […]
- The security benefits of modern collaboration in the cloud
By exploiting cloud services, organisations no longer have to choose between ‘more security’ […]
- The problems with forcing regular password expiry
Why the NCSC decided to advise against this long-established security guideline.
- The logic behind three random words
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary […]
- The future of telecoms in the UK
NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain […]
- The future of Technology Assurance in the UK
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.
- The Cyber Assessment Framework 3.1
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.
- Thanking the vulnerability research community with NCSC Challenge Coins
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing […]
- Terminology: it's not black and white
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W […]
- Telling users to ‘avoid clicking bad links’ still isn’t working
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage […]
- Tackling the 'human factor' to transform cyber security behaviours
ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative […]
- Supplier assurance: having confidence in your suppliers
Questions to ask your suppliers that will help you gain confidence in their cyber security.
- Studies in secure system design
Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure […]
- Spotlight on shadow IT
New guidance to help organisations manage rogue devices and services within the enterprise.
- So long and thanks for all the bits
Ian Levy, the NCSC’s departing Technical Director, discusses life, the universe, and everything.
- Smart devices: new law helps citizens to choose secure products
Download the NCSC’s point-of-sale leaflet explaining how new PSTI regulation affects consumers […]
