Security Guidance
Practical cyber security guidance to support safe, secure working for all organisations and individuals, covering everyday risks, controls and good practice.

Data Handling and Sharing
Data is handled constantly, often without much conscious thought. Files sent by email, documents saved to shared drives, information passed on in a conversation or a screenshot. Most of the time this happens without consequence. But the habits formed around routine data handling determine what happens when something goes wrong, or when data ends up…

Recognising and Responding to a Security Incident
Security incidents happen. They happen to organisations with mature security programmes, experienced teams, and robust controls. The measure of a security posture is not only how well it prevents incidents but how effectively it responds when prevention falls short. Knowing what to do in the first moments after something goes wrong matters. Delayed or poorly…

Account Security and Recovery
Most security guidance focuses on protecting accounts from being accessed by others. Less attention is paid to what happens when you lose access yourself or when an attacker uses your own account recovery process against you. Account lockout is a more common experience than many people expect, and the recovery process, when not set up…

Working Securely When Travelling
Travel introduces a specific set of security risks that don’t exist, or exist in a more controlled form, in a normal working environment. You’re operating on unfamiliar networks, in public spaces, with devices that may be subject to inspection at borders, in locations where the people around you are unknown. The controls that protect you…

Why Backups Matter
Backups are one of the most consistently undervalued aspects of everyday security. Most people understand in principle that they should back their data up. Far fewer do so reliably, and fewer still have ever tested whether their backup actually works. The practical reality of not having a working backup becomes clear very quickly when something…

Phishing and Social Engineering
Most successful attacks don’t begin with sophisticated technical exploits. They begin with a message (an email, a text, a phone call) designed to make someone do something they wouldn’t otherwise do. Phishing and social engineering remain among the most effective methods available to attackers precisely because they target human judgement rather than technical defences. The…

Secure Authentication: Passwords, MFA and Passkeys
Passwords are still one of the most common ways systems are accessed, and one of the most common ways they’re compromised. Increasingly, they are also no longer the preferred option where stronger alternatives are available. Guidance from the National Cyber Security Centre and the National Institute of Standards and Technology has shifted accordingly. Passkeys are now…

Cyber Tabletop
Cyber tabletop exercises are one of the simplest ways to understand how an organisation would respond to a real incident – before one happens. Most organisations have plans. Incident response, business continuity, disaster recovery. On paper, they often look complete. The difficulty is knowing whether they hold up once people have to use them under…

What is Ransomware?
Ransomware remains one of the most disruptive cyber threats organisations face. Its impact is rarely limited to IT systems. When it lands properly, it affects operations, delivery, and in some cases the organisation’s ability to function at all. Most organisations are aware of ransomware. Fewer have a clear sense of how it would play out…
