Guidance Documents

Below you will find Guidance Documents released by the NCSC.

• Quick Guide: Cyber Security for Schools

  This quick guide will highlight the cyber risks posed to schools and the key priority measures to consider to mitigate against these risks.

• Quick Guide: Ransomware How to #BreakTheChain

  Ransomware operators are not only interested in critical infrastructure, ransomware attacks can affect all types of organisations, both large and small. This quick guide is for organisations to understand the steps in a Ransomware Attack Chain, and more importantly how good cybersecurity practices will allow you to stop an attacker and #BreakTheChain.

• NCSC Cyber Security for Political Parties and Candidates

  Detailed guidance for political parties and politicians in relation to cybersecurity. This guidance covers the following:
  1. An outline of the potential cybersecurity risks for political candidates or political parties
  2. Advice for all political candidates for election so that they might better protect themselves and their data
  3. Guidance for management and IT administrators in political parties
  4. Services that the NCSC and others will be able to offer to candidates in securing their data.
  

• Quick Guide: Cyber Security Best Practice for Electoral Candidates

  This cyber security best practice quick guide has been produced by the NCSC to assist electoral candidates in implementing key priority preventive measures that can help to reduce the likelihood of them becoming a victim of a cyber-attack and the negative impacts that may result.

• Working From Home Security Advice

  With remote working becoming part of our day to day life, it is important that you ensure your home office matches the level of security you would expect to find in your professional office environment. This detailed guidance document covers some important steps you can take to achieve this.

• 12 Steps to Cyber Security for Businesses

  This detailed guidance is intended to be used by businesses as a suggested activity plan which may be undertaken on a month-by-month basis over a suggested 12 month period to improve cyber resilience.