GIXnews

Whaling: how it works, and what your organisation can do about it

Whaling is a highly targeted phishing attack – aimed at senior executives – masquerading as a legitimate email. Whaling is digitally enabled fraud through social engineering, designed to encourage victims to perform a secondary action, such as initiating a wire transfer of funds. Whaling does not require extensive technical knowledge yet can deliver huge returns. …

Vulnerability management

All modern software contains vulnerabilities; either software defects that require patches to remedy, or configuration issues that require administrative activity to resolve. For this reason, organisations should have a vulnerability management process which enables them to know what vulnerabilities are present within their IT estate on a regular basis. Executive staff should ideally be as …

Using TLS to protect data

This guidance outlines how to configure the services that must be able to receive incoming connections from unknown clients or services. Specifically, it covers the scenarios of operating a public website and supporting email transfer using Simple Mail Transfer Protocol (SMTP). This guidance does not address use of TLS for Virtual Private Networks (VPNs). About …

Using IPsec to protect data

This guide will help you deploy or buy network encryption, using IPsec. It provides recommendations for the selection and configuration of relevant equipment. It also describes how a network encryption service needs to operate to provide an understood level of security. The recommendations in this guidance balance security and usability. About this guidance This guide …

Transaction Monitoring for HMG Online Service Providers (GPG 53)

This guidance provides an overview of TxM from first principles to a suggested organisational structure and outlines a number of questions that organisations need to take into account when considering the business case for a TxM system. Read more here: NCSC Guidance

Serving Web Content (Architectural Pattern 10)

This Architectural Pattern sets out key principles that help control the risks that are frequently found in serving web content. It is highly recommended that the principles presented in this Architectural Pattern are considered and integrated into the project from its beginning. Read more here: NCSC Guidance

Security operations centre (SOC) buyers guide

This guidance is for organisations that are considering procuring a Security Operations Centre (SOC) from a third party. It is equally applicable for those seeking to establish their own in-house SOC. It summarises the core functions of a SOC, and includes the different deployment options available, the SOC lifecycle, and other high-level considerations. What does …

Security governance, enabling sensible risk management decisions & communication

Security governance and business objectives Standard approaches to security and risk management are sometimes misinterpreted. Whilst a useful starting point, the establishment of predetermined security risk management structures, business processes, roles and requirements is too often separated from the normal decision-making structures and processes used elsewhere in the business. This separation can lead …

Security governance introduction

What is security governance? Security governance is the means by which you control and direct your organisation’s approach to security. When done well, security governance will effectively coordinate the security activities of your organisation. It enables the flow of security information and decisions around your organisation. Just as security is the responsibility of everyone within …

Security Incident Management (GPG 24)

This guidance is primarily targeted at security managers who are accountable or responsible for implementing security incident management. The emphasis is on understanding and responding to business risks and what is required of a security incident response team. Read more here: NCSC Guidance

Secure sanitisation of storage media

This guidance is suitable for any organisation wishing to ensure that data held on storage media cannot be read by unauthorised parties after the media has left organisational control. What is sanitisation? Any data which is sensitive to your business should be removed from the media which stored it; just hitting ‘Delete’ isn’t enough. …

Protective DNS Service for the UK Public Sector: Frequently Asked Questions

What is DNS? The Domain Name System (DNS) is often referred to as ‘the address book of the internet’ – it turns memorable names that humans can use into the IP addresses that computer systems use to locate each other. Every time you ask your computer to access a website, your computer uses DNS to …

Protecting your organisation from ransomware

Ransomware is a growing global cyber security threat, and one which could affect any organisation that does not have appropriate defences. The first half of 2016 saw an almost threefold increase in ransomware variants compared to the whole of 2015[1]. While ransomware against Windows operating systems has been commonplace for some years, attacks against Mac …