css menu by Css3Menu.com

The Art and Design of Sarah Bunday

The home of all things Banking
Voipfone VoIP 30 Day FREE Trial Click To Sign Up Now

New legislation will help counter the cyber threat to our essential services
The announcement of the Cyber Security and Resilience Bill is a landmark moment in tackling the growing threat to the UK's critical systems.

"If you have knowledge, let others light their candles in it."
Why sharing lessons learned from cyber security incidents and ‘near misses’ will help everyone to improve

Cyber Essentials 'Pathways': From experiment to proof of concept
We are encouraging large organisations to help us develop an alternative route to certification.

I'll make you an offer you can't refuse...
How to prevent malicious advertisements from ruining your day.

Raising the cyber resilience of software 'at scale'
New ‘Code of Practice for Software Vendors’ will ensure that security is fundamental to developing and distributing products and services.

Offline backups in an online world
How to protect your backups that are stored in the public cloud.

Making email mean something again
How the NCSC is helping public sector organisations to adopt important anti-phishing protocols.

Machine learning security principles updated
Revised principles will help people make the right security decisions when developing systems with AI/ML components.

Business email compromise: new guidance to protect your organisation
How to disrupt targeted phishing attacks aimed at senior executives or budget holders.

Introducing the NCSC's ‘Share and Defend’ capability
Join the community of service providers helping to protect the UK from cyber attacks.

Asset management for cyber security
Help understanding what good asset management looks like from a cyber security perspective and some of the challenges it presents.

Accessibility as a cyber security priority
Want security that works better for people? Make it accessible.

Are you hungry? A two-part blog about risk appetites
Risk appetites; what are they, what’s their purpose, how do organisations go about defining them?

Advanced Mobile Solutions (AMS) guidance trailer
Chris P explains how AMS will enable high-threat organisations to stay connected ‘on the go'.

NCSC's cyber security training for staff now available
The NCSC’s e-learning package 'Top Tips For Staff' can be completed online, or built into your own training platform.

Cyber Assessment Framework 3.2
Latest version of the CAF reflects the increased threat to critical national infrastructure

"What's happened to my data?"
Irrespective of whether the ransom is paid, a ransomware attack means organisations have lost control of their information.

Smart devices: new law helps citizens to choose secure products
Download the NCSC’s point-of-sale leaflet explaining how new PSTI regulation affects consumers and retailers.

Pathways: exploring a new way to achieve Cyber Essentials certification
For large, complex firms struggling with the prescriptiveness of Cyber Essentials, ‘Pathways’ will provide a new route to certification.

'NCSC Cyber Series' podcast now available
Listen to all five episodes now, covering a wide range of cyber security topics.

Ever wondered how a cyber crime gang operates?
NCSC publishes new report on criminal online activity.

Securing Office 365 with better configuration
How our Office 365 advisory and new security guidance from Microsoft can help protect your cloud services.

Watch all the plenaries from CYBERUK 2024 live, and for free
Key talks from the UK government’s flagship cyber security event will be livestreamed from Birmingham’s ICC.

Interactive administration in the cloud: managing the risks
Tips to help you secure and reduce interactive access to your cloud infrastructure.

Preparing for the long haul: the cyber threat from Russia
Although the UK has not experienced severe cyber attacks in relation to Russia’s invasion of Ukraine, now is not the time for complacency.

Funded cyber certification helps small charities to provide legal aid to vulnerable citizens
How the funded Cyber Essentials Programme helped the ‘Law Centres Network’ protect its IT estate - and client data - from cyber attacks.

SCADA 'in the cloud': new guidance for OT organisations
If migrating SCADA solutions to the cloud, cyber security must be a key consideration for operational technology organisations.

Check your email security, and protect your customers
Free online tool from the NCSC prevents cyber criminals using your email to conduct cyber attacks.

New 'Connected Places' infographic published
A new visual guide to the cyber security principles that are essential when developing and managing ‘smart cities’.

Products on your perimeter considered harmful (until proven otherwise)
As attackers' tactics change, so must network defenders'.

Market incentives in the pursuit of resilient software and hardware
A new paper from the ONCD explores how metrics can influence markets to improve the cyber security ecosystem.

Cyber security governance: the role of the board
As cyber threats evolve, boards must remain vigilant in cyber security governance.

Revolutionising identity services using AI
The ‘NCSC for Startups’ alumnus giving identity verification the 'Trust Stamp'

Protecting PBX from cyber attacks
Why small organisations need to manage their private branch exchange (PBX) telephone networks.

From the cyber proliferation threat all the way to Pall Mall
The first dedicated conference on this topic – and an insight into the NCSC assessment work behind it.

Unleashing the power of cloud with containerisation
New NCSC guidance describes how organisations can make the most of containerisation.

QR Codes - what's the real risk?
How safe is it to scan that QR code in the pub? Or in that email?

NCSC for Startups: Playing cyber criminals at their own game
CounterCraft's co-founder, Dan Brett, explains how they turn the tables so that social engineering can be used to protect organisations from attackers.

Cyber Essentials: are there any alternative standards?
Can an equivalent cyber security standard deliver the same outcomes as the NCSC’s Cyber Essentials scheme?

Landing at the NCSC (glad I brought my towel)
Ollie Whitehouse, the NCSC’s new Chief Technology Officer, outlines the cyber security challenges he’ll be prioritising.

New guidance to help small organisations use online services more securely
How to set up online (or 'cloud') services so they're protected against common cyber attacks.

The logic behind three random words
Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements.

Researching the hard problems in hardware security
Introducing the next chapter of the NCSC research problem book, which aims to inspire research on the biggest impact topics in hardware cyber security.

Announcing IASME as our second Delivery Partner for Cyber Incident Response Level 2
Both CIR Delivery Partners are now accepting enquiries and applications.

New cloud guidance: how to 'lift and shift' successfully
Henry O discusses the pitfalls of performing a basic ‘lift and shift’ cloud migration.

Introducing the guidelines for secure AI
New guidelines will help developers make informed decisions about the design, development, deployment and operation of their AI systems.

Cyber Advisor – the first 6 months
The Cyber Advisor scheme has been gaining momentum since its launch six months ago – what happens next?

Thanking the vulnerability research community with NCSC Challenge Coins
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.

An RFC on IoCs – playing our part in international standards
The NCSC has published a new RFC on Indicators of Compromise to support cyber security in protocol design - and hopes to encourage more cyber defenders to engage with international standards.

Migrating to post-quantum cryptography
New guidance from the NCSC helps system and risk owners plan their migration to post-quantum cryptography (PQC).

AIT fraud: what you need to know
SMS and telephone guidance updated to address the rise in Artificial Inflation of Traffic (AIT).

Logging Made Easy with CISA
The US Cybersecurity and Infrastructure Security Agency have relaunched an updated version of LME.

NCSC to retire Logging Made Easy
The NCSC is retiring Logging Made Easy (LME). After 31 March 2023, we will no longer support LME, and the GitHub page will close shortly after.

Introducing PDNS for Schools
Launching the first phase rollout of a protective DNS service for schools.

Our new principles to help make cloud backups more resilient
Introducing a new set of NCSC principles to strengthen the resilience of organisations' cloud backups from ransomware attackers.

New cyber security training packages launched to manage supply chain risk
NCSC publishes free e-learning to help organisations manage the cyber security risks across their supply chains.

Mastering your supply chain
A new collection of resources from the NCSC can help take your supply chain knowledge to the next level

Data-driven cyber: empowering government security with focused insights from data
How 'small but actionable' insights can improve behaviours and decision making.

New scheme ready for Cyber Incident Exercising providers
A new Cyber Incident Exercising scheme is now open for organisations to apply to be Assured Providers, with IASME and CREST as our delivery partners.

New interactive video - and related downloads - to help secondary school kids stay safe online
A new initiative, aimed at 11 to 14-year-olds, that helps them navigate the risks of online life.

Building on our history of cryptographic research
The NCSC has published new cryptographic research on robust cryptography – we explain its significance and how the ideas could support research to inform future global standards.

Ransomware and the cyber crime ecosystem
A new white paper examines the rise of 'ransomware as a service' and extortion attacks.

Thinking about the security of AI systems
Why established cyber security principles are still important when developing or implementing machine learning models.

Exercise caution when building off LLMs
Large Language Models are an exciting technology, but our understanding of them is still 'in beta'.

A problem shared is . . . in the research problem book
Introducing the new NCSC research problem book and find out how you can get involved.

ChatGPT and large language models: what's the risk?
Do loose prompts* sink ships? Exploring the cyber security issues of ChatGPT and LLMs.

Expanding the scope of Cyber Incident Response (CIR)
Announcing CREST as our first delivery partner and the scheme's readiness for incident response providers to join.

How CyberFish's founder got hooked on Cheltenham
Berta Pappenheim, CEO and co-founder of CyberFish, explains how the NCSC For Startups programme has transformed her professional and personal life.

Tackling the 'human factor' to transform cyber security behaviours
ThinkCyber's CEO Tim Ward reflects on the challenges that startups face when developing innovative products.

Spotlight on shadow IT
New guidance to help organisations manage rogue devices and services within the enterprise.

To SOC or not to SOC ?
For environments that are secure by design, a 'full-fat SOC' is not always required.

Active Cyber Defence: Sixth annual report now available
New ACD services developed to help protect SMEs from the harms caused by cyber attacks.

New techniques added to the NCSC’s ‘risk management toolbox’
Refreshed guidance published to help practitioners manage cyber risk.

Threats and key takeaways for the legal sector
New NCSC report outlines the growing threat to the legal sector, with recommendations to improve cyber resilience.

Protecting how you administer cloud services
New advice on implementing high-risk and ‘break-glass’ accesses in cloud services.

Early Warning is joining MyNCSC
Early Warning, one of the NCSC’s flagship ACD services, will be soon be migrated to the MyNCSC platform. Here we explain the background and what users can expect.

Leveraging NCSC’s national insight to strengthen the fight against mobile threats
Traced Mobile Security co-founder Benedict Jones describes how 'NCSC for Startups' helped evolve his business.

Why more transparency around cyber attacks is a good thing for everyone
Eleanor Fairford, Deputy Director of Incident Management at the NCSC, and Mihaela Jembei, Director of Regulatory Cyber at the Information Commissioner’s Office (ICO), reflect on why it’s so concerning when cyber attacks go unreported – and look at some of the misconceptions about how organisations respond to them.

Putting the consultancy community at its heart
Catherine H reflects on how the changes to the refreshed Assured Cyber Security Consultancy scheme go deeper than just a new name - and welcomes two new consultancies to the scheme.

Introducing Cyber Advisors...
Launching a new Industry Assurance scheme aimed at helping the UK’s small organisations.

Refreshed 'cyber security toolkit' helps board members to govern online risk
Lindy Cameron, CEO, introduces changes to the NCSC’s cyber security resources specifically designed for board members.

The new route for cyber security professional recognition
What the UK Cyber Security Council's Chartership programme means for the CCP scheme and the organisations who use CCP for recruitment and development.

Protect your management interfaces
Why it's important to protect the interfaces used to manage your infrastructure, and some recommendations on how you might do this.

Zero trust migration: How will I know if I can remove my VPN?
In our third blog about migrating to a zero trust architecture, we consider the security properties of an Always On VPN, and the factors to consider when deciding if you no longer need one.

NCSC for Startups: an ecosystem-based approach to cyber security
Andrew Roughan, CEO of the NCSC’s innovation partner Plexal, explains why a whole-of-society approach is vital for cyber security innovation.

Phishing and ransomware amongst biggest threats to charity sector
New report outlines the growing threat that charities face, and how they can become resilient to cyber attacks.

Using MSPs to administer your cloud services
Andrew A explains what you must check before giving Managed Service Providers (MSPs) the keys to your kingdom.

Secure home working on personal IT
Useful tips and resources for people using personal IT to work from home.

Telling users to ‘avoid clicking bad links’ still isn’t working
Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the threat from phishing.

How the NCSC thinks about security architecture
Richard C explains how an understanding of vulnerabilities - and their exploitation - informs how the NCSC assesses the security of computer systems.

Making Principles Based Assurance a reality
An update on the work to make Principles Based Assurance (PBA) usable in practice.

Principles and how they can help us with assurance
Explaining the forthcoming NCSC Technology Assurance Principles.

NCSC For Startups: Vistalworks cracking down on illicit trade
Vicky Brock of Vistalworks describes how the 'NCSC For Startups' programme has helped her organisation develop solutions to tackle illicit online trade.

So long and thanks for all the bits
Ian Levy, the NCSC’s departing Technical Director, discusses life, the universe, and everything.

Nine months on from the Cyber Essentials update - debunking some myths
Anne W takes stock of where we are following the changes to Cyber Essentials in early 2022, discussing some of the feedback received and clarifying some common misconceptions.

Cyber Essentials Plus is for charities too!
Sara Ward, the CEO of Black Country Women's Aid, discusses her organisation's experience of gaining Cyber Essentials Plus certification.

NCSC for Startups: the case for collaboration
Saj Huq of Plexal explains why collaboration with the NCSC brings opportunities to the cyber security sector.

"Winning trust, and making powerful connections"
Chris Wallis, CEO of Intruder, explains how completing the NCSC's Startup Programme was a turning point for his organisation.

Protect your customers to protect your brand
New guidance to protect your brand from being exploited online, and to help you choose alternate authentication models.

The security benefits of modern collaboration in the cloud
By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better usability’.

Passwords, passwords everywhere
How password deny lists can help your users to make sensible password choices.

Not perfect, but better: improving security one step at a time
Why striving for better (rather than perfect) security will help more people stay safer online.

Living with password re-use
In a perfect world we'd use unique passwords for every online service. But the world isn't perfect...

Even Jedi can't achieve Password Perfection
Emma W on why supporting users to do the right things is better then telling them what to do.

What does the NCSC think of password managers?
Emma W discusses the question everyone keeps asking us.

Let them paste passwords
Allow your website to accept pasted passwords - it makes your site more secure, not less.

Three random words or #thinkrandom
Ian M discusses what makes a good password

The problems with forcing regular password expiry
Why the NCSC decided to advise against this long-established security guideline.

Log4j vulnerability: what should boards be asking?
Advice for board members of medium to large organisations that are at risk from the Apache Log4j vulnerability.

The rise of ransomware
Toby L, Technical Lead for Incident Management, explains how modern-day ransomware attacks are evolving.

How Rebellion Defence used NCSC For Startups to accelerate product development
Unparalleled access to skilled users transformed Rebellion Defence’s product roadmap.

TLS 1.3: better for individuals - harder for enterprises
The NCSC's technical director outlines the challenges that TLS 1.3 presents for enterprise security.

Time to KRACK the security patches out again
Andrew A puts some context around the recently published KRACK guidance and explains why patching - once again - is the answer.

'WannaCry' ransomware: guidance updates
Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.

Finding the kill switch to stop the spread of ransomware
MalwareTech's blog post on coming across a kill switch to stop the spread of the recent ransomware incident.

Open sourcing MailCheck
The NCSC has open sourced the code behind MailCheck - one of our Active Cyber Defence projects.

Firmware updates on Linux, and using data to influence procurement decisions
Focused on automating UEFI firmware updates on Windows devices.

Spray you, spray me: defending against password spraying attacks
Andy P summarises how organisations can protect users' accounts from password spraying.

NCSC IT: Installing software updates without breaking things
Andy P explains how the NCSC rolls out software updates without delays.

Firmware bugs are like buses
Intel's report this week of security vulnerabilities emphasises the importance of automating firmware updates.

Automating UEFI Firmware Updates
Discussing the state of UEFI firmware running on Windows laptops.

NCSC IT: MDM products - which one is best?
In part 3, we discuss why there is no one right answer to "What is the best MDM product?", as we found when building our own IT system.

NCSC IT: The architecture behind NCSC's IT system
A look at the high-level design of the NCSC's new IT system, including the single sign-on architecture, our initial end user device choices, and how we tackled the captive portal problem.

Firmware II: Status check
Initial research shows firmware frequently out of date.

Getting a grip on firmware
Investigating the security of firmware and why this often overlooked component should not be ignored.

What exactly should we be logging?
A structured look at what data to collect for security purposes and when to collect it.

Cyber Schools Hub: local success, national impact
Work from schools and companies paying dividends in the number and diversity of pupils taking up computer science.

CyberFirst industries support CyberTV for students
Cyber security-themed videos, blogs and interviews from industry experts are supporting students and teachers.

Cyber security for schools
New NCSC training package to help schools improve their cyber security.

Reaching out to the next generation of Cyber Sprinters
The NCSC's first 'Outreach' event welcomes pupils from Carlton Primary School.

Bring Your Own Device: How to do it well
Updated NCSC guidance on enabling your staff to use their own devices for work.

CNI system design: Secure Remote Access
A Critical National Infrastructure (CNI)-specific look at NCSC guidance on remote access architecture design

Using secure messaging, voice and collaboration apps
What organisations should think about before choosing apps for secure communications and collaboration...

NCSC For Startups: the feedback loop
How startups can make the most of their time when pitching to cyber security experts.

Mythbusting cloud key management services
Why trying to avoid trusting the KMS doesn't make sense (and other common misconceptions).

Relaunching the NCSC's Cloud security guidance collection
Andrew A explains what's new in a significant update to the NCSC's flagship cloud guidance.

The Technology Assurance principles
Covering the ‘Product development', 'Design and functionality' and ‘Though-life’ aspects of product assurance.

CCP scheme to be run by the UK Cyber Security Council
The NCSC hands over administration of the Certified Cyber Professional scheme, with details to be announced at CYBERUK 2022.

The Cyber Assessment Framework 3.1
Latest version of the CAF focusses on clarification and consistency between areas of the CAF.

Use of Russian technology products and services following the invasion of Ukraine
Cyber security – even in a time of global unrest – remains a balance of different risks. Ian Levy, the NCSC's Technical Director, explains why.

Motivating developers to write secure code
The 'Motivating Jenny' project is helping to change the conversation about security in software development.

'Transaction monitoring' & 'Building and operating a secure online service' guidance published
Two new pieces of NCSC guidance replace Good Practice Guides 43 and 53.

NCSC For Startups: taking on malvertising
Can your startup help counter the rise of malicious advertising?

Introducing Scanning Made Easy
Trial project makes vulnerability scanning easier.

We think Cyber Essentials is, well, still essential ...
...and that's why we are making some changes. Anne W summarises what they are, and explains the thinking behind them.

Terminology: it's not black and white
The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why...

New guidance for practitioners supporting victims of 'domestic cyber crime'
The NCSC produces advice for practitioners working with victims who are being tracked, stalked, or virtually monitored.

Zero Trust migration: where do I start?
How to start the journey to zero trust architecture once you have decided it meets your business requirements.

Why vulnerabilities are like buses
How organisations can address the growing trend in which multiple vulnerabilities within a single product are exploited over a short period.

To AV, or not to AV?
Do you need antivirus (AV) products on smartphones and tablets?

Protecting internet-facing services on public service CNI
How operators of critical national infrastructure (CNI) can use NCSC guidance and blogs to secure their internet-facing services.

NCSC For Startups diaries: PORGiESOFT
We caught up with George Brown, founder of PORGiESOFT, about his first few weeks in NCSC For Startups...

The future of Technology Assurance in the UK
Chris Ensor highlights some important elements of the NCSC's new Technology Assurance strategy.

Zero Trust: Is it right for me?
The first in a series of blogs to ease your journey towards a zero trust architecture.

Zero trust 1.0
Zero trust architecture design principles 1.0 launched.

Brightening the outlook for security in the cloud
The NCSC's Cloud Security Research Lead suggests some approaches to help you get confidence in cloud services.

Cloudy with a chance of transparency
In part 2 of his Cloud Blog Trilogy, Andrew explains why it's better for everyone if cloud providers are willing to be open about how they run their services.

Serving up some server advice
Highlighting guidance which will help you secure your servers

Assuring Smart Meters
How we made our commercial assurance business react to the demand of the Smart Meter programme, and how we can use this as a catalyst for future improvement.

The first Certified Cyber Professional (CCP) Specialism is now live!
'Risk Management' is the first certifiable specialism under the NCSC's revised CCP scheme.

Identifying suspicious credential usage
How NCSC guidance can help organisations detect and protect themselves from credential abuse.

What is OT malware?
How malware works on Operational Technology (OT) and how to stop it.

Erasing data from donated devices
How charities can erase personal data from donated laptops, phones and tablets, before passing them on.

The strength of the ICS COI is the team
Join the Industrial Control System Community of Interest (ICS COI), and help build CNI expertise across the UK.

Defending software build pipelines from malicious attack
Compromise of your software build pipeline can have wide-reaching impact; here's how to tackle the problem.

RITICS: Securing cyber-physical systems
Discover the Research Institute in Trustworthy Inter-connected Cyber-physical Systems.

Vulnerability Scanning: Keeping on top of the most common threats
Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues.

Supplier assurance: having confidence in your suppliers
Questions to ask your suppliers that will help you gain confidence in their cyber security.

New brochure published to support academic researchers
Everything you need to know about the 19 Academic Centres of Excellence in Cyber Security Research (ACE-CSR) in one place

The elephant in the data centre
A new white paper from the NCSC explains the potential benefits of adopting a cloud-system.

Moving to a cloud, not a storm
Avoiding common problems when moving to the cloud.

The leaky pipe of secure coding
Helen L discusses how security can be woven more seamlessly into the development process.

Helping organisations - and researchers - to manage vulnerability disclosure
Ollie N explains the thinking behind the NCSC’s new Vulnerability Disclosure Toolkit, which is now available to download.

A different future for telecoms in the UK
NCSC Technical Director Dr Ian Levy explains the technical impact of the recent US sanctions on the security of Huawei equipment in the UK.

Why cloud first is not a security problem
Using the cloud securely should be your primary concern - not the underlying security of the public cloud.

Malicious macros are still causing problems!
Andrew A explains the updated guidance for Microsoft Office macros

Security, complexity and Huawei; protecting the UK's telecoms networks
With 5G set to transform mobile services, Ian Levy explains how the UK has approached telecoms security, and what that means for the future.

Studies in secure system design
Worked examples for Operational Technology and Virtualised systems, using the NCSC’s secure design principles

Drawing good architecture diagrams
Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.

NCSC IT: There's confidence and then there's SaaS
Raising a cheer for SaaS vendors who respond to our cloud security principles.

The future of telecoms in the UK
NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.

Building Web Check using PaaS
How Platform as a Service (PaaS) can make good security easier to achieve.

Cloud security made easier with Serverless
Our research shows that using Serverless components makes it easier to get good security in the cloud

Intelligent security tools: are they a smart choice for you?
What you need to know before buying artificially intelligent security products

The problems with patching
Applying patches may be a basic security principle, but that doesn't mean it's always easy to do in practice.

Equities process
Publication of the UK’s process for how we handle vulnerabilities.

Protecting parked domains for the UK public sector
Non-email sending (parked) domains can be used to generate spam email, but they're easy to protect.

Applying the Cloud Security Principles in practice: a case study
Using the Cloud Security Principles to evaluate the suitability of a cloud service.

Growing positive security cultures
If your security culture isn't improving naturally, here's what you can do about it.

Maturity models in cyber security: what's happening to the IAMM?
Here we explain a bit about maturity models, look at how they've been used for cyber security, and explain why the NCSC is no longer supporting the IA Maturity Model (IAMM) introduced in 2008.

"Do what I mean!" - time to focus on developer intent
In this post I propose that the software development community should work on developing and then standardising security-related libraries that focus on what the developer is trying to achieve.

Are security questions leaving a gap in your security?
Even the best authentication can't help you if there is an easy way to bypass it.

Cyber resilience - nothing to sneeze at
David K introduces the concept of cyber resilience, and the benefits it brings.

Protecting system administration with PAM
Remote system administration provides powerful and flexible access to systems and services.

Developing the cyber security profession – have your say!
Chris Ensor discusses the government's proposal to develop the cyber security profession in the UK.

There's a hole in my bucket
...or 'Why do people leave sensitive data in unprotected AWS S3 buckets?'

Stepping up to multi-factor authentication
New guidance on implementing MFA to better secure online services

Phishing, spear phishing and whaling; does it change the price of phish?
Regardless of the type of phish, you'll still need multiple layers of defence to protect your organisation.

Making the UK the safest place to live and do business online
The NCSC's Chief Executive Ciaran Martin outlines why the UK needs a National Cyber Security Centre.

Current News From the BBC

Police filmed stamping on man's head at airport
A video appearing to show a police officer kick and stamp on a man's head has been shared online.

Ukraine thrown into war's bleak future as drones open new battlefront
On the front line, drones are killing hundreds every day - showing the world a new kind of high-tech war.

Whistleblower behind Dujardin video wants to 'save dressage'
The whistleblower who released a video that appears to show Charlotte Dujardin "excessively" whipping a horse is "not celebrating", says her lawyer.

Daley and Glover GB flagbearers at opening ceremony
Diver Tom Daley and rower Helen Glover are chosen as Great Britain's flagbearers at the opening ceremony for the Paris 2024 Olympic Games.

Abbington 'received online rape threats' after Strictly
The actress says the online abuse since leaving the show has been "brutal, relentless and unforgiving".

Trump rally gunman searched online for JFK assassination details
FBI Director Christopher Wray told US lawmakers that the gunman registered for the Trump rally the same day.

Arrest after A61 crash that killed six people
Police appeal for information about a grey Porsche 911 spotted in the area before the crash.

Press battle 'central' to Royal Family rift - Harry
It is the first time he has spoken since being awarded damages in his case against Mirror Group Newspapers.

Knives seized after attack on Army officer in Kent
A man is held after a suspected murder attempt on a soldier in uniform near a Gillingham barracks.

Pilot survived Nepal crash after cockpit split from plane
The plane's cockpit split from its fuselage leaving pilot as the sole survivor of crash that killed 18.

Could I get a last-minute ticket to watch?
A complete guide to getting a last-minute seat at the Olympic Games in Paris.

Morocco beat Argentina in game marred by crowd trouble
Crowd trouble forces the first football match of the Olympics to be delayed by almost two hours, with Morocco finally beating Argentina 2-1 in an empty stadium.

Right time for me to retire, says Murray ahead of Olympic farewell
Andy Murray says it is the "right time" for him to retire from tennis after the Paris Olympics - and he is "happy" with the decision.

BBC team pedal to Paris Olympics to highlight sustainability
A BBC Sport team and sporting guests cycle more than 500 miles from Manchester to Paris, reaching the French capital in time for the start of the Olympic Games.

Your guide to what's happening and when at the games
Your day-by-day guide to what is happening when - and who to watch out for - at the Paris 2024 Olympics.

'Bit of a disruptor' - story of Eluned Morgan, set to be first woman to lead Wales
Eluned Morgan is poised to become Wales' first minister, making her the first woman to lead the nation.

Frantic digging at scene of deadly Ethiopia landslides
Families dig with their bare hands for loved ones buried under the mud of landslides.

The Charlotte Dujardin case explained
BBC Sport recaps why Charlotte Dujardin is out of the Olympics, what happened and what it means for equestrian.

What one Moscow square says about Russia's worsening relations with West
Moscow Mayor Sergei Sobyanin has signed an order renaming Europe Square Eurasia Square.

Lammy aims to reset UK-India ties with early trip
The foreign secretary wants to boost relations amid instability among American and European allies.

Return of the mullet, the hairstyle that refuses to dye
Long on top and flowing in the back is the hairstyle of choice at this year's Royal Welsh?

Timothee Chalamet sings Bob Dylan in film trailer
Chalamet performs 1963 classic A Hard Rain’s a‐Gonna Fall in the first trailer for A Complete Unknown.

We don't know how many people are having babies - a headache for schools
Working out how many school pupils to budget for may well prove to be a headache for the government.

Conspiracy theories swirl about geo-engineering, but could it help save the planet?
If we can’t control rising global temperatures by drastically cutting carbon emissions, could something called geo-engineering be a way to cool the planet?

Unfathomable errors and 'cinnamon bun' strategy: Political end-of-term report cards
As Parliament approaches summer recess, Laura Kuenssberg reflects on how they've performed over a dizzying few months.

Download now
Top stories, breaking news, live reporting, and follow news topics that match your interests

World breaks hottest day record twice in a week
The global average temperature broke a record set in 2023, partly driven by heat in Antarctica.

We owe public apology, says new Welsh Labour leader
Eluned Morgan confirmed as Welsh Labour leader and Wales' first woman to be first minister.

Rare fossils reveal secrets of mammal evolution
The fossils hold clues as to how mammals that lived in the shadow of dinosaurs evolved to dominate the world.

I was given Freedom of City but not freedom of room, says disability campaigner
Anna Landre got an award for her disability work but was denied the chance to accept it on stage.

Boy invaded Wembley pitch in bid to get cash reward
The boy had been encouraged by an online influencer and thought he would be paid, a court heard.

MrBeast co-host quits after grooming allegations
Ava Kris Tyson denies allegations of grooming over messages sent to a minor eight years ago.

CrowdStrike to improve testing after 'bug' caused mass global outage
The cybersecurity company's mistake caused millions of PCs not to work on Friday.

Starmer vows Ukraine support in low-key first PMQs
The Labour leader largely agreed with Tory counterpart Rishi Sunak in his first appearance at PMQs.

'I've lost £680 because of Carpetright collapse'
Some customers unable to get refunds as more than 200 shops shut.

Sir Keir Starmer's PMQs Debut
And is Kamala Harris having a ‘brat summer’?

Americanswers! Why have the Democrats backed Kamala Harris?
We answer your questions as Kamala Harris gains support to be presidential nominee.

Morocco beat Argentina in game marred by crowd trouble
Crowd trouble forces the first football match of the Olympics to be delayed by almost two hours, with Morocco finally beating Argentina 2-1 in an empty stadium.

Daley and Glover GB flagbearers at opening ceremony
Diver Tom Daley and rower Helen Glover are chosen as Great Britain's flagbearers at the opening ceremony for the Paris 2024 Olympic Games.

Whistleblower behind Dujardin video wants to 'save dressage'
The whistleblower who released a video that appears to show Charlotte Dujardin "excessively" whipping a horse is "not celebrating", says her lawyer.

'Right time' for me to retire - Murray
Andy Murray says it is the "right time" for him to retire from tennis after the Paris Olympics - and he is "happy" with the decision.

The story of the four-hour football match
Watch the key moments from Argentina and Morocco's opening game where crowd trouble forces the match to be suspended for nearly two hours at the Paris 2024 Olympics.

Italy defender Calafiori set for Arsenal medical
Italy defender Riccardo Calafiori is set to have a medical with Arsenal as his move from Bologna edges closer.

Dupont inspires France as party starts in Paris
Antoine Dupont underlines why he is one of the faces of the Paris Olympics with a stunning solo try as France reach the quarter-finals of the men's rugby sevens.

Police filmed stamping on man's head at airport
A video appearing to show a police officer kick and stamp on a man's head has been shared online.

MPs clash at Westminster over Casement Park plans
Secretary of State Hilary Benn says the government is working "as quickly as possible" on Casement options.

Councils in push for government funds to avoid bin strikes
Council leaders have agreed to seek a meeting with the government to ask for money to fund an improved pay deal.

We owe public apology, says new Welsh Labour leader
Eluned Morgan confirmed as Welsh Labour leader and Wales' first woman to be first minister.

This content is from multiple sources including BBC News and BBC Sport