Protecting how you administer cloud services
Protecting how you administer cloud services No matter which cloud service you choose, there are two aspects of your security...
NCSC
Early Warning is joining MyNCSC
Early Warning is joining MyNCSC Recap of Early Warning Existing users will know that https://www.ncsc.gov.uk/information/early-warning-service" target="_self">Early Warning is a threat-notification...
New cloud security guidance: it’s all about the config
New cloud security guidance: it's all about the config The https://www.ncsc.gov.uk/blog-post/relaunching-the-ncscs-cloud-security-guidance-collection" target="_self">Cloud security guidance that we relaunched last year focuses...
New cyber security training packages launched to manage supply chain risk
New cyber security training packages launched to manage supply chain risk The NCSC are delighted to launch https://www.ncsc.gov.uk/guidance/mapping-your-supply-chain#section_6" target="_self">two new...
Accessibility as a cyber security priority
Accessibility as a cyber security priority 3 years ago, Anna (not her real name) was diagnosed with a neurological autoimmune...
i100 industry team and NCSC collaborate on refreshed guidance for boards
i100 industry team and NCSC collaborate on refreshed guidance for boards Originally published in 2019, the https://www.ncsc.gov.uk/collection/board-toolkit" target="_self">NCSC’s cyber security...
Why more transparency around cyber attacks is a good thing for everyone
Why more transparency around cyber attacks is a good thing for everyone At the NCSC and ICO, we deal with...
Refreshed ‘cyber security toolkit’ helps board members to govern online risk
Refreshed 'cyber security toolkit' helps board members to govern online risk I am delighted to announce the launch of the...
New ‘supply chain mapping’ guidance
New ‘supply chain mapping’ guidance Supply chain mapping is the process of recording, storing and using information gathered from suppliers...
Zero trust migration: How will I know if I can remove my VPN?
Zero trust migration: How will I know if I can remove my VPN? As your organisation makes the transition to...
Phishing and ransomware amongst biggest threats to charity sector
Phishing and ransomware amongst biggest threats to charity sector A new threat report published today reveals why the charity sector...
Using MSPs to administer your cloud services
Using MSPs to administer your cloud services Any conversation about securing cloud services will swiftly turn towards the cloud shared...
Telling users to ‘avoid clicking bad links’ still isn’t working
Telling users to ‘avoid clicking bad links’ still isn’t working Let's start with a basic premise: several of the established...
Preparing for the long haul: the cyber threat from Russia
Preparing for the long haul: the cyber threat from Russia In January 2022, ahead of Russia’s invasion of Ukraine, we...
Why vulnerabilities are like buses
Why vulnerabilities are like buses There's an old saying that you wait ages for a bus, and then several come...
Using secure messaging, voice and collaboration apps
Using secure messaging, voice and collaboration apps With 'hybrid working' (a combination of working from home and the office) now...
Log4j vulnerability: what should boards be asking?
Log4j vulnerability: what should boards be asking? The Log4Shell critical vulnerability in the widely used logging tool Log4j has caused concern...
Cyber Security in the Built Environment – considering security throughout a buildings lifecycle
Cyber Security in the Built Environment - considering security throughout a buildings lifecycle A building being designed today is, as...
The Technology Assurance principles
The Technology Assurance principles In this blog post I want to introduce a new family of principles, the Technology Assurance...
‘Transaction monitoring’ & ‘Building and operating a secure online service’ guidance published
'Transaction monitoring' & 'Building and operating a secure online service' guidance published If you're responsible for the designing and running...
Zero Trust migration: where do I start?
Zero Trust migration: where do I start? Following our ‘Zero Trust: is it right for me?' blog, this second installment...
The Cyber Assessment Framework 3.1
The Cyber Assessment Framework 3.1 This latest version of the Cyber Assessment Framework (CAF), 3.1, supports the CAF's core users -...
New SOC guidance 101
New SOC guidance 101 Security operations centres (or SOCs) are notoriously difficult to design, build and operate. But they're also...
