Security Guidance
Practical cyber security guidance to support safe, secure working for all organisations and individuals, covering everyday risks, controls and good practice.
-

How can companies effectively respond to a cybersecurity incident?
Read more: How can companies effectively respond to a cybersecurity incident?The worst time to design an incident response process is during a live incident. At that point, the organisation is under pressure, facts are incomplete, systems may be unavailable and senior leaders may be asking for certainty that no one can honestly provide. A good response depends on preparation. A cyber incident response plan should…
-

Recognising Phishing Attempts
Read more: Recognising Phishing AttemptsPhishing guidance is often taught using obvious examples, poorly worded messages from implausible senders, urgent requests that seem transparently suspicious. Real phishing, however, rarely looks like that. Modern attempts are built around legitimacy: they imitate suppliers, internal systems, collaboration platforms, and normal business processes closely enough to pass a quick glance. Rather than judging a…
-

Sharing Sensitive Files Securely
Read more: Sharing Sensitive Files SecurelyThe way sensitive files travel through organisations rarely attracts much attention until something goes wrong. Most exposure isn’t the result of a deliberate attack or a dramatic failure rather, it’s the accumulated result of working habits that feel unremarkable in the moment. An attachment sent for convenience, a sharing link left active after the project…
-

Identity and Access Management
Read more: Identity and Access ManagementAccess to systems and information naturally accumulates over time. Employees move between roles, suppliers are onboarded for projects, permissions are extended to meet operational requirements and not revisited. Each individual decision is usually reasonable in context, the difficulty is that the cumulative result, across an organisation and over time, is often an access environment that…
-

Governance and Control in Microsoft Teams Environments
Read more: Governance and Control in Microsoft Teams EnvironmentsMicrosoft Teams environments usually grow faster than governance around them. That is not really a criticism so much as a reflection of how these platforms are adopted in practice. A tool introduced to improve communication quickly becomes the place where files are stored, meetings are held, suppliers are invited in, and projects are coordinated. The…
-

Data Handling and Sharing
Read more: Data Handling and SharingData is handled constantly, often without much conscious thought. Files sent by email, documents saved to shared drives, information passed on in a conversation or a screenshot. Most of the time this happens without consequence. But the habits formed around routine data handling determine what happens when something goes wrong, or when data ends up…
-

Recognising and Responding to a Security Incident
Read more: Recognising and Responding to a Security IncidentSecurity incidents happen. They happen to organisations with mature security programmes, experienced teams, and robust controls. The measure of a security posture is not only how well it prevents incidents but how effectively it responds when prevention falls short. Knowing what to do in the first moments after something goes wrong matters. Delayed or poorly…
-

Account Security and Recovery
Read more: Account Security and RecoveryMost security guidance focuses on protecting accounts from being accessed by others. Less attention is placed upon what happens when you lose access yourself or when an attacker uses your own account recovery process against you. Account lockout is a more common experience than many people expect, and the recovery process, when not set up…
-

Working Securely When Travelling
Read more: Working Securely When TravellingTravel introduces a specific set of security risks that don’t exist, or exist in a more controlled form, in a normal working environment. You’re operating on unfamiliar networks, in public spaces, with devices that may be subject to inspection at borders, in locations where the people around you are unknown. The controls that protect you…
-

Why Backups Matter
Read more: Why Backups MatterBackups are one of the most consistently undervalued aspects of everyday security. Most people understand in principle that they should back their data up. Far fewer do so reliably, and fewer still have ever tested whether their backup actually works. The practical reality of not having a working backup becomes clear very quickly when something…
-

Phishing and Social Engineering
Read more: Phishing and Social EngineeringMost successful attacks don’t begin with sophisticated technical exploits. They begin with a message (an email, a text, a phone call), designed to make someone do something they wouldn’t otherwise do. Phishing and social engineering remain among the most effective methods available to attackers precisely because they target human judgement rather than technical defences. The…
-

Secure Authentication: Passwords, MFA and Passkeys
Read more: Secure Authentication: Passwords, MFA and PasskeysPasswords are still one of the most common ways systems are accessed, and one of the most common ways they’re compromised. Increasingly, they are also no longer the preferred option where stronger alternatives are available. Guidance from the National Cyber Security Centre and National Institute of Standards and Technology has shifted accordingly. Passkeys are now…
