Guidance

Cyber security guidance for business

Guidance on how organisations can protect themselves in cyberspace.

Documents

10 Steps: Ten Critical Areas

This file may not be suitable for users of assistive technology. Request a different format.

If you use assistive technology and need a version of this document in a more accessible format, please email enquiries@cesg.gsi.gov.uk. Please tell us what format you need. It will help us if you say what assistive technology you use.

10 Steps: Advice Sheets

10 Steps: Infographic

This file may not be suitable for users of assistive technology. Request a different format.

If you use assistive technology and need a version of this document in a more accessible format, please email enquiries@cesg.gsi.gov.uk. Please tell us what format you need. It will help us if you say what assistive technology you use.

Common Cyber Attacks

This file may not be suitable for users of assistive technology. Request a different format.

If you use assistive technology and need a version of this document in a more accessible format, please email enquiries@cesg.gsi.gov.uk. Please tell us what format you need. It will help us if you say what assistive technology you use.

Common Cyber Attacks: Infographic

This file may not be suitable for users of assistive technology. Request a different format.

If you use assistive technology and need a version of this document in a more accessible format, please email enquiries@cesg.gsi.gov.uk. Please tell us what format you need. It will help us if you say what assistive technology you use.

Detail

Advice from security and intelligence experts across government about how to prevent the majority of cyber (information techology) attacks, and how to manage common cyber risk. This guidance has been updated to include the document ‘Common Cyber Attacks’ which sets out what a common cyber attack looks like and how attackers typically execute them.

Disclaimer

This Guide and the accompanying documents have been produced jointly by GCHQ, BIS and CPNI. They are not intended to be an exhaustive guide to potential cyber threats or mitigations, are not tailored to individual needs and are not a replacement for specialist advice. Companies should ensure that they take appropriate specialist advice where necessary.

This Guide and the accompanying documents are provided without any warranty or representation of any kind whether express or implied. The government departments involved in the production of these documents cannot therefore accept any liability whatsoever for any loss or damage suffered or costs incurred by any person arising from the use of this document.

Findings and recommendations in this Guide and the accompanying documents have not been provided with the intention of avoiding all risks and following the recommendations will not remove all such risks. Ownership of information risks remains with the relevant system owner at all times.

© Crown Copyright 2015