In our 2023 white paper, the NCSC emphasized the necessity of preparing for the transition to post-quantum cryptography (PQC) in light of the risks posed by advancements in quantum computing on current cryptographic systems. Beyond the technical insights provided in that paper, we outlined our commitment to assist the UK government and our regulated Critical…
The transition to Post-Quantum Cryptography (PQC) mirrors many significant technology migration projects. The main objective is to seamlessly integrate PQC into existing systems while minimizing new cyber security threats. Hence, comprehensive planning at the outset is crucial. Organizations may adopt various models for successful technology migration, with each having its unique framework. Regardless of the…
In today’s digital landscape, accessing various online services including messaging, shopping, travel, social media, media streaming, and government resources typically requires managing yet another account and password. Concurrently, there is a rising trend of cyber criminals attempting to hijack online accounts for their illegal gain, often at the expense of users. Safeguarding these account passwords…
As the Director of National Resilience at NCSC, the announcement of a Cyber Security and Resilience Bill in July 2024 by the government was a pivotal step towards addressing the increasing cyber threats to essential services, including water, power, and healthcare. Today, we appreciate the publication of the Department of Science, Innovation and Technology’s (DSIT)…
This guidance targets private sector organizations that do not qualify to utilize the NCSC’s Protective DNS (PDNS). If your organization does qualify for the NCSC’s PDNS, note that a commercially procured protective DNS service is not a suitable alternative. Reasons to Implement Protective DNS Protective DNS (PDNS) systems block access to malicious domains attempted by…
APIs (application programming interfaces) play a crucial role across various industries, spanning social media, finance, healthcare, and telecommunications. They enable effective data exchange between different systems and services. However, the growing reliance on APIs opens the door for attackers who look to exploit potential vulnerabilities in their design and implementation. Recent high-profile security breaches involving…
