UK National Cyber Security Centre.
- Designing safer links: secure connectivity for operational technology
on January 14, 2026 at 10:36 amNew principles help organisations to design, review, and secure connectivity to (and within) OT systems.
- The Government Cyber Action Plan: strengthening resilience across the UKon January 7, 2026 at 1:16 pm
With GCAP, the UK government is taking decisive steps towards a safer, more resilient future.
- Drawing good architecture diagramson December 16, 2025 at 8:57 am
Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.
- Cyber deception trials: what we’ve learned so faron December 15, 2025 at 8:17 am
An update on the NCSC’s trials to test the real-world efficacy of cyber deception solutions.
- Prompt injection is not SQL injection (it may be worse)on December 8, 2025 at 1:02 pm
There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.
- Updating our guidance on security certificates, TLS and IPsecon December 8, 2025 at 8:04 am
The NCSC has updated 3 key pieces of cryptographic guidance. Here, we explain the changes.
- Building trust in the digital age: a collaborative approach to content provenance technologieson December 3, 2025 at 9:02 am
Joint NCSC and Canadian Centre for Cyber Security primer helps organisations understand emerging technologies that can help maintain trust in their public-facing information.
- What makes a responsible cyber actor: introducing the Pall Mall industry consultation on good practiceon December 2, 2025 at 9:30 am
Calling vulnerability researchers, exploit developers and others in the offensive cyber industry to share their views.
- It’s time for all small businesses to acton November 27, 2025 at 4:17 pm
The NCSC’s Cyber Action Toolkit helps you to protect your business from online attacks.
- NCSC handing over the baton of smart meter security: a decade of progresson November 27, 2025 at 8:54 am
Why transferring the Commercial Product Assurance scheme to industry ownership marks an important milestone.
- Cyber Security and Resilience Policy Statement to strengthen regulation of critical sectorson November 11, 2025 at 4:36 pm
New proposals will combat the growing threat to UK critical national infrastructure (CNI).
- Cyber Action Toolkit: breaking down the barriers to resilienceon November 11, 2025 at 7:59 am
How the NCSC’s ‘Cyber Action Toolkit’ is helping small businesses to improve their cyber security.
- NCSC to retire Web Check and Mail Checkon November 5, 2025 at 11:30 am
By 31 March 2026, organisations should have alternatives to Mail Check and Web Check in place.
- EASM buyer’s guide now availableon October 28, 2025 at 2:10 pm
How to choose an external attack surface management (EASM) tool that’s right for your organisation.
- Cyber security is business survivalon October 21, 2025 at 10:59 am
The NCSC co-signs Ministerial letter to major British businesses including FTSE 350 companies.
- There’s a hole in my bucketon October 14, 2025 at 7:31 am
…or ‘Why do people leave sensitive data in unprotected AWS S3 buckets?’
- Getting your organisation ready for Windows 11 upgrade before Autumn 2025on October 8, 2025 at 1:04 pm
Why you should act now to ensure you meet the new hardware standards, and prioritise security.
- Strengthening national cyber resilience through observability and threat huntingon October 8, 2025 at 6:26 am
How organisations can improve their ability to both detect and discover cyber threats.
- RFC 9794: a new standard for post-quantum terminologyon October 7, 2025 at 3:31 pm
The NCSC’s contribution to the Internet Engineering Task Force will help to make the internet more secure.
- Understanding your OT environment: the first step to stronger cyber securityon September 29, 2025 at 7:21 am
If you can’t see your entire operational technology environment, you can’t defend it. New guidance from the NCSC will help you gain that visibility.
