If you’re looking for a password that’s both strong and easy to remember, the NCSC recommends using the Three Random Words technique to keep your online accounts secure, striking a balance between complexity and ease of use. 

In their #CyberMonth2023 campaign, the NCSC make the case for longer, more diverse passwords, saying goodbye to character replacements and hello to security that’s robust and easy to remember. 

Find out more: 

https://www.ncsc.gov.uk/blog-post/the-logic-behind-three-random-words 

The NCSC encourages users to add an extra layer of security through 2-step verification (2SV). Their #CyberMonth2023 campaign explains that 2SV is one of the most effective ways to protect your online accounts from cyber criminals. 

It is recommended to set up 2SV for all your most important accounts – email, banking, social media, and shopping to keep cyber criminals out, even if they discover your passwords. With 2SV you will receive a PIN or code, often via SMS or email, for each transaction to prove it’s really you. There are also other types of verification available like fingerprint or app-based verification. 2SV is quick to set up, instantly boots your online security, and is supported by most major platforms. 

Find out more: 

Turn on 2-step verification (2SV) - NCSC.GOV.UK 

The NCSC shares the quick and free ways to flag spam messages in its #CyberMonth2023 campaign.  

The campaign recommends you forward spam messages to 7726 (free) or email them to report@phishing.gov.uk. If you’ve lost money or been hacked, you should get in touch with ActionFraud.  

In their #CyberMonth2023 campaign, the NCSC explains how to spot fake accounts, manage your digital footprint, and take charge of your online presence. 

If you’ve received a suspicious message on social media, the NCSC recommends you:

• Forward it to 7726 (free)
• Send it to report@phishing.gov.uk

Additionally, if you’ve lost money or have been hacked, they recommend you contact ActionFraud where you can make a report.

Find out more:

Social Media: how to use it safely - NCSC.GOV.UK 

If you’re using ChatGPT for your work, studies or personal life, the NCSC has advice on how to use it securely. They recommend you consider whether what you are typing is something that could causes problems if it was made public. If the answer is yes, such as in the case of confidential information or data, then you shouldn’t enter it into ChatGPT or public LLMs. 

NCSC also advises checking the terms of use and privacy policy of the LLM provider before asking sensitive questions. 

Find out more: 

ChatGPT and LLMs: what's the risk - NCSC.GOV.UK 

The NCSC #CyberMonth2023 campaign provides guidance on mitigating malware and ransomware attacks and helps reduce: 

• the likelihood of becoming infected
• the spread of malware throughout your organisation
• the impact of the infection

Find out more: 

https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks 

https://www.ncsc.gov.uk/whitepaper/ransomware-extortion-and-the-cyber-crime-ecosystem 

The NCSC Board toolkit is designed to help board members govern cyber risk more effectively.  

Find out more: 

https://www.ncsc.gov.uk/collection/board-toolkit 

https://www.ncsc.gov.uk/blog-post/refreshed-toolkit-helps-board-members-to-govern-cyber-risk 

Cyber Essentials is a government-backed scheme from the NCSC and helps protect organisations of all sizes from cyber attacks. There are two certification levels:

• Cyber Essentials: this is a self-assessment option that offer protection against common cyber attacks and helps to shield you from unwanted attention.

• Cyber Essentials Plus: this offers the same protection as the Cyber Essentials certification, but with hands-on technical verification.

Find out more:

https://www.ncsc.gov.uk/cyberessentials/overview

• Check your cyber security: Check your cyber security - NCSC.GOV.UK 
• Check your email security: emailsecuritycheck.service.ncsc.gov.uk
• Check your website: Web Check - NCSC.GOV.UK
• Check your mail: Mail Check - NCSC.GOV.UK