Serving Web Content (Architectural Pattern 10)

This Architectural Pattern sets out key principles that help control the risks that are frequently found in serving web content. It is highly recommended that the principles presented in this Architectural Pattern are considered and integrated into the project from its beginning. Read more here: NCSC Guidance

Security operations centre (SOC) buyers guide

This guidance is for organisations that are considering procuring a Security Operations Centre (SOC) from a third party. It is equally applicable for those seeking to establish their own in-house SOC. It summarises the core functions of a SOC, and includes the different deployment options available, the SOC lifecycle, and other high-level considerations. What does …


Security governance, enabling sensible risk management decisions & communication

Security governance and business objectives Standard approaches to security and risk management are sometimes misinterpreted. Whilst being a useful starting point, the establishment of predetermined security risk management structures, business processes, roles and requirements are too often separated from the normal decision making structures and processes used elsewhere in the business. This separation can lead …


Security governance introduction

What is security governance? Security governance is the means by which you control and direct your organisation’s approach to security. When done well, security governance will effectively coordinate the security activities of your organisation. It enables the flow of security information and decisions around your organisation. Just as security is the responsibility of everyone within …


Security Incident Management (GPG 24)

This guidance is primarily targeted at security managers who are accountable or responsible for implementing security incident management. The emphasis is on understanding and responding to business risks and what is required of a security incident response team. Read more here: NCSC Guidance

Secure sanitisation of storage media

This guidance is suitable for any organisation wishing to ensure that their data held on storage media cannot be read by unauthorised parties after it has left organisational control. What is sanitisation? Any data which is sensitive to your business should be removed from the media which stored it; just hitting ‘Delete’ isn’t enough. …


Protective DNS Service for the UK Public Sector: Frequently Asked Questions

What is DNS? The Domain Name System (DNS) is often referred to as ‘the address book of the internet’ – it turns memorable names that humans can use, into the IP addresses that computer systems use to locate each other. Every time you ask your computer to access a website, your computer uses DNS to …


Protecting your organisation from ransomware

Ransomware is a growing global cyber security threat, and one which could affect any organisation that does not have appropriate defences. The first half of 2016 saw an almost threefold increase in ransomware variants compared to the whole of 2015[1]. While ransomware against Windows operating systems has been commonplace for some years, attacks against Mac …


Protecting Bulk Personal Data: Introduction

Whether they’re held by public service or private enterprise, these bulk data stores make very tempting targets for attackers of all kinds. So it’s essential to ensure they’re adequately protected. The fifteen good practice measures outlined below provide a set of indicators against which the security of your holdings can be objectively appraised. They enable …


PIANOS: Protecting Information About Networks, the Organisation and its Systems

Electronic material, common to all IT infrastructures, is used by intruders to understand their target environment. A study of the movements of intruders has resulted in advice that will impede their progress, make attacks more expensive to conduct and make detection easier. This guidance includes an infographic showing target technical information within an organisation and …


Organisation Identity (GPG 46)

This document should be read by individuals in organisations that are responsible for identity proofing other organisations where any HMG department or service will be relying on the identity of that organisation. This includes those responsible for the procurement, assessment or delivery of an Identity Assurance (IdA) service. Read more here: NCSC Guidance

Mitigating Denial of Service (DoS) Attacks

Note: This publication is in ALPHA. Please send any feedback to the address platform [at] cesg.gsi.gov.uk. Introduction About this guidance This ALPHA guidance describes some of the most common methods used by groups or individuals wishing to disrupt an online service, and suggests some possible mitigations. It is particularly relevant for public sector organisations operating …


Macro Security for Microsoft Office

This guidance describes how administrators can help protect their systems from malicious Microsoft Office macros. It outlines why macros are a threat, and the approaches you can take to protect your devices. We recommend you also read the Australian Cyber Security Centre’s technical document on macro security. What are macros, and why are they a …


MIKEY-SAKKE frequently asked questions

What is MIKEY-SAKKE? MIKEY-SAKKE is a protocol designed for government and relevant enterprises to enable secure, cross-platform multimedia communications. What are the advantages of MIKEY-SAKKE? MIKEY-SAKKE is highly scalable, requiring no prior setup between users or distribution of user certificates. It is highly flexible, supporting both real-time communications (such as voice), conference calls, and deferred …


Internet Gateways (Architectural Pattern 17)

This Pattern deals with generic usage scenarios, such as browsing the Internet, sending emails and accessing other generic uses. For specific use cases, especially where there is a perceived level of increased risk, it is recommended that you seek advice from CESG. Read more here: NCSC Guidance