Expert, trusted, and independent guidance for UK industry, government departments, the critical national infrastructure and private SMEs. All our guidance is advisory in nature and is underpinned by our unique insights into cyber threats.
Why we publish guidance
Our guidance is a crucial part of ensuring that the UK has the capacity to manage the increasing cyber threat. Based on our unique perspective that we provide through our global intelligence insight, we publish practical and proportionate security guidance to protect both new and existing IT systems, and the UK's critical national infrastructure.
Our approach to guidance
We provide advice, not standards or policy. And because our guidance is advisory in nature, it provides a sound basis from which to make your own, informed decisions that are right for your organisation. With help from our colleagues in CPNI providing expert protective security advice, we take an experienced, balanced view of risk to identify appropriate countermeasures.
Where to start?
Our aim is to provide the best possible cyber security advice and information to everyone in the UK, including the public and members of organisations of all kinds. 10 Steps to Cyber Security outlines the basic cyber security procedures to protect your organisation from cyber attacks, while Cyber Essentials allows organisations to advertise that they meet a government endorsed standard of cyber hygiene.
Guidance by topic
We've organised our guidance by topic to help you find the information you need. Additional guidance is available through CiSP. Guidance from our precursor organisations (CESG, CERT-UK and CPNI) is available from the archive.
Cyber security is only one part of the landscape
Together with our colleagues in CPNI, the NCSC is working to help protect things that matter the most to the UK. We believe that a holistic approach that considers physical and personnel security as well as cyber security is necessary for our customers to effectively manage their risk. Visit the CPNI website to find best-practice guidance on physical and personnel security.