UK National Cyber Security Centre Guidance.
This includes feeds from guidance
- Cyber security for high profile conferenceson February 19, 2025 at 2:12 pm
Managing the cyber security of high profile events in the real and virtual worlds.
- Asset managementon February 19, 2025 at 2:11 pm
Implementing asset management for good cyber security.
- Building and operating a secure online serviceon February 19, 2025 at 2:07 pm
Guidance for organisations that use, own, or operate an online service who are looking to start securing it.
- Pattern: Safely Importing Dataon February 19, 2025 at 1:24 pm
An architecture pattern for safely importing data into a system from an external source.
- Effective steps to cyber exercise creationon February 19, 2025 at 1:23 pm
The following tips can help organisations create their own cyber incident response exercises.
- How to spot scammers claiming to be from the NCSCon February 19, 2025 at 1:17 pm
Check that you’re talking to a genuine NCSC employee, and not a criminal.
- GDPR security outcomeson February 19, 2025 at 1:16 pm
This guidance describes a set of technical security outcomes that are considered to represent appropriate measures under the GDPR.
- Design Pattern: Safely Exporting Dataon February 19, 2025 at 1:14 pm
How to implement a secure end-to-end data export solution
- Early Years practitioners: using cyber security to protect your settingson February 19, 2025 at 1:11 pm
How to protect sensitive information about your setting and the children in your care from accidental damage and online criminals.
- MIKEY-SAKKE frequently asked questionson February 19, 2025 at 1:10 pm
A brief guide to MIKEY-SAKKE, a protocol that allows organisations to provide secure communications with end-to-end encryption.
- Reducing data exfiltration by malicious insiderson February 19, 2025 at 1:09 pm
Advice and recommendations for mitigating this type of insider behaviour.
- Scam ‘missed parcel’ SMS messages: advice on avoiding malwareon February 19, 2025 at 1:07 pm
How to avoid malware sent using scam ‘missed parcel’ SMS messages, and what to do if your phone is already infected.
- Zero trust: building a mixed estateon February 19, 2025 at 1:04 pm
Two ways organisations can enable access and maintain the security benefits of zero trust even when parts of the infrastructure can’t implement the zero trust principles.
- Transaction Monitoring for online serviceson February 19, 2025 at 1:02 pm
This guidance is aimed at service owners and security specialists involved in the provision of online services.
- Macro Security for Microsoft Officeon February 19, 2025 at 12:59 pm
Why macros are a threat, and the approaches you can take to protect your systems.
- Business communications – SMS and telephone best practiceon February 10, 2025 at 2:30 pm
How to ensure your organisation’s SMS and telephone messages are effective and trustworthy.
- Network security fundamentalson February 6, 2025 at 8:57 am
How to design, use, and maintain secure networks.
- Guidance on digital forensics and protective monitoring specifications for producers of network devices and applianceson February 5, 2025 at 1:25 pm
Outlining the expectations for the minimum requirement for forensic visibility, to help network defenders secure organisational networks both before and after a compromise.
- Secure sanitisation and disposal of storage mediaon February 5, 2025 at 7:30 am
How to ensure data cannot be recovered from electronic storage media.
- Penetration testingon January 31, 2025 at 1:39 pm
How to get the most from penetration testing
