UK National Cyber Security Centre.
UK National Cyber Security Centre Feed This includes feeds from report, guidance and blog-post
- Improving your response to vulnerability management
on February 9, 2026 at 8:24 pmHow to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
- Can you help the NCSC with the next phase of EASM research?on February 6, 2026 at 10:44 am
Organisations with experience in external attack surface management can help us shape future ACD 2.0 services.
- Eradicating trivial vulnerabilities, at scaleon February 6, 2026 at 8:11 am
A new NCSC research paper aims to reduce the presence of ‘unforgivable’ vulnerabilities.
- Thanking the vulnerability research community with NCSC Challenge Coinson February 6, 2026 at 8:11 am
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
- Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?on February 2, 2026 at 4:24 pm
CSPM tools are big business. Could they be the answer to your cloud configuration problems?
- One small step for Cyber Resilience Test Facilities, one giant leap for technology assuranceon January 29, 2026 at 1:08 pm
CRTFs are helping organisations to make informed, risk-based decisions on the adoption of technology products.
- Designing safer links: secure connectivity for operational technologyon January 14, 2026 at 10:36 am
New principles help organisations to design, review, and secure connectivity to (and within) OT systems.
- The Government Cyber Action Plan: strengthening resilience across the UKon January 7, 2026 at 1:16 pm
With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.
- Home working: preparing your organisation and staffon December 17, 2025 at 3:44 pm
How to make sure your organisation is prepared for home working.
- Data breaches: guidance for individuals and familieson December 17, 2025 at 3:16 pm
How to protect yourself from the impact of data breaches
- Sextortion emails: how to protect yourselfon December 17, 2025 at 2:57 pm
Advice in response to the increase in sextortion scams
- Drawing good architecture diagramson December 16, 2025 at 8:57 am
Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.
- Mitigating malware and ransomware attackson December 15, 2025 at 1:04 pm
How to defend organisations against malware or ransomware attacks.
- Cyber deception trials: what we’ve learned so faron December 15, 2025 at 8:17 am
An update on the NCSC’s trials to test the real-world efficacy of cyber deception solutions.
- Shopping and paying safely onlineon December 8, 2025 at 4:40 pm
Tips to help you purchase items safely and avoid fraudulent websites.
- How to recover an infected deviceon December 8, 2025 at 4:33 pm
Advice for those concerned a device has been infected.
- Recovering a hacked accounton December 8, 2025 at 4:28 pm
A step by step guide to recovering online accounts.
- Early Years practitioners: using cyber security to protect your settingson December 8, 2025 at 4:26 pm
How to protect sensitive information about your setting and the children in your care from accidental damage and online criminals.
- How to spot scammers claiming to be from the NCSCon December 8, 2025 at 3:47 pm
Check that you’re talking to a genuine NCSC employee, and not a criminal.
- Using IPsec to protect dataon December 8, 2025 at 1:16 pm
Guidance for organisations wishing to deploy products that use IPsec.
- Prompt injection is not SQL injection (it may be worse)on December 8, 2025 at 1:02 pm
There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.
- Using TLS to protect dataon December 8, 2025 at 10:47 am
Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.
- A method to assess ‘forgivable’ vs ‘unforgivable’ vulnerabilitieson December 8, 2025 at 9:58 am
Research from the NCSC designed to eradicate vulnerability classes and make the top-level mitigations easier to implement.
- Provisioning and managing certificates in the Web PKIon December 8, 2025 at 8:36 am
How service owners should securely provision and manage certificates in the Web PKI.
- Updating our guidance on security certificates, TLS and IPsecon December 8, 2025 at 8:04 am
The NCSC has updated 3 key pieces of cryptographic guidance. Here, we explain the changes.
- Building trust in the digital age: a collaborative approach to content provenance technologieson December 3, 2025 at 9:02 am
Joint NCSC and Canadian Centre for Cyber Security primer helps organisations understand emerging technologies that can help maintain trust in their public-facing information.
- What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practiceon December 2, 2025 at 9:30 am
Calling vulnerability researchers, exploit developers and others in the offensive cyber industry to share their views.
- It’s time for all small businesses to acton November 27, 2025 at 4:17 pm
The NCSC’s Cyber Action Toolkit helps you to protect your business from online attacks.
- NCSC handing over the baton of smart meter security: a decade of progresson November 27, 2025 at 8:54 am
Why transferring the Commercial Product Assurance scheme to industry ownership marks an important milestone.
- Choosing a managed service provider (MSP)on November 24, 2025 at 9:10 am
An SME’s guide to selecting and working with managed service providers.
