Latest publications 05 Mar 2026 Artificial intelligence and machine learning: Supply chain risks and mitigations This guidance is intended for organisations and staff that deploy or develop AI or ML systems and components. 19 Feb 2026 Quantum technology primer: Computing Explore quantum computing, the threat it poses to current cryptography, and how organisations can reduce risks to their data and systems. 23 Jan 2026 Hardening Microsoft Windows 11 workstations This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 11 version 25H2. All publications Title AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 16 Dec 2022 Technical example: Application control Application control restricts the ability of an application to run or install on a device. Application control makes it harder for users to intentionally or unintentionally install unwanted or malicious software. 16 Dec 2022 Technical example: Configure macro settings Configuring macro settings protects an organisation’s systems from malicious macros. Macros are powerful tools. They were introduced to improve productivity however their functionality can also be used by cyber criminals to compromise a user’s system. 16 Dec 2022 Technical example: Multi-factor authentication Multi-factor authentication (MFA) makes it harder for adversaries to use compromised user credentials to access an organisation’s systems. It is one of the most important cybersecurity measures an organisation can implement. 16 Dec 2022 Technical example: Patch operating systems Patching operating systems is one of the most effective controls an organisation can implement to prevent an adversary from gaining access to their devices and sensitive information. Patches improve the security of operating systems by fixing known vulnerabilities. 16 Dec 2022 Technical example: Regular backups Implementing regular backups will assist your organisation to recover and maintain its operations in the event of a cybersecurity incident, for example, a ransomware attack. 16 Dec 2022 Technical example: Restrict administrative privileges Privileged account credentials are prized by cybercriminals because they provide extensive access to high value assets within a network. Restricting privileged access to only users with a demonstrated business need is essential to protecting your environment. Pagination Previous page ‹‹ Page 17 Next page ›› Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary