UK National Cyber Security Centre.
UK National Cyber Security Centre Feed This includes feeds from report, guidance and blog-post
- Home working: preparing your organisation and staff
on December 17, 2025 at 3:44 pmHow to make sure your organisation is prepared for home working.
- Data breaches: guidance for individuals and familieson December 17, 2025 at 3:16 pm
How to protect yourself from the impact of data breaches
- Sextortion emails: how to protect yourselfon December 17, 2025 at 2:57 pm
Advice in response to the increase in sextortion scams
- Drawing good architecture diagramson December 16, 2025 at 8:57 am
Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.
- Mitigating malware and ransomware attackson December 15, 2025 at 1:04 pm
How to defend organisations against malware or ransomware attacks.
- Cyber deception trials: what we’ve learned so faron December 15, 2025 at 8:17 am
An update on the NCSC’s trials to test the real-world efficacy of cyber deception solutions.
- Shopping and paying safely onlineon December 8, 2025 at 4:40 pm
Tips to help you purchase items safely and avoid fraudulent websites.
- How to recover an infected deviceon December 8, 2025 at 4:33 pm
Advice for those concerned a device has been infected.
- Recovering a hacked accounton December 8, 2025 at 4:28 pm
A step by step guide to recovering online accounts.
- Early Years practitioners: using cyber security to protect your settingson December 8, 2025 at 4:26 pm
How to protect sensitive information about your setting and the children in your care from accidental damage and online criminals.
- How to spot scammers claiming to be from the NCSCon December 8, 2025 at 3:47 pm
Check that you’re talking to a genuine NCSC employee, and not a criminal.
- Using IPsec to protect dataon December 8, 2025 at 1:16 pm
Guidance for organisations wishing to deploy products that use IPsec.
- Prompt injection is not SQL injection (it may be worse)on December 8, 2025 at 1:02 pm
There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.
- Using TLS to protect dataon December 8, 2025 at 10:47 am
Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.
- A method to assess ‘forgivable’ vs ‘unforgivable’ vulnerabilitieson December 8, 2025 at 9:58 am
Research from the NCSC designed to eradicate vulnerability classes and make the top-level mitigations easier to implement.
- Provisioning and managing certificates in the Web PKIon December 8, 2025 at 8:36 am
How service owners should securely provision and manage certificates in the Web PKI.
- Updating our guidance on security certificates, TLS and IPsecon December 8, 2025 at 8:04 am
The NCSC has updated 3 key pieces of cryptographic guidance. Here, we explain the changes.
- Building trust in the digital age: a collaborative approach to content provenance technologieson December 3, 2025 at 9:02 am
Joint NCSC and Canadian Centre for Cyber Security primer helps organisations understand emerging technologies that can help maintain trust in their public-facing information.
- What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practiceon December 2, 2025 at 9:30 am
Calling vulnerability researchers, exploit developers and others in the offensive cyber industry to share their views.
- It’s time for all small businesses to acton November 27, 2025 at 4:17 pm
The NCSC’s Cyber Action Toolkit helps you to protect your business from online attacks.
- NCSC handing over the baton of smart meter security: a decade of progresson November 27, 2025 at 8:54 am
Why transferring the Commercial Product Assurance scheme to industry ownership marks an important milestone.
- Choosing a managed service provider (MSP)on November 24, 2025 at 9:10 am
An SME’s guide to selecting and working with managed service providers.
- Cyber Security and Resilience Policy Statement to strengthen regulation of critical sectorson November 11, 2025 at 4:36 pm
New proposals will combat the growing threat to UK critical national infrastructure (CNI).
- Cyber Action Toolkit: breaking down the barriers to resilienceon November 11, 2025 at 7:59 am
How the NCSC’s ‘Cyber Action Toolkit’ is helping small businesses to improve their cyber security.
- NCSC to retire Web Check and Mail Checkon November 5, 2025 at 11:30 am
By 31 March 2026, organisations should have alternatives to Mail Check and Web Check in place.
- External attack surface management (EASM) buyer’s guideon November 4, 2025 at 8:31 am
A guide to choosing the right EASM product for your organisation, and the security features you need to consider.
- EASM buyer’s guide now availableon October 28, 2025 at 2:10 pm
How to choose an external attack surface management (EASM) tool that’s right for your organisation.
- Cyber security is business survivalon October 21, 2025 at 10:59 am
The NCSC co-signs Ministerial letter to major British businesses including FTSE 350 companies.
- There’s a hole in my bucketon October 14, 2025 at 7:31 am
…or ‘Why do people leave sensitive data in unprotected AWS S3 buckets?’
- Maintaining a sustainable strengthened cyber security postureon October 13, 2025 at 10:22 pm
How organisations can avoid staff burnout during an extended period of heightened cyber threat.
