Latest publications 04 Sep 2025 A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity This guidance, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and international partners, presents a shared vision of Software Bill of Materials (SBOM) and the value that increased software component and supply chain transparency can offer to the global community. 04 Sep 2025 End of support for Microsoft Windows and Microsoft Windows server Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline. 04 Sep 2025 Hardening Microsoft Windows 10 workstations This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2. All publications Title AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 06 Oct 2021 Introduction to Cross Domain Solutions This publication introduces technical and non-technical audiences to the concept of a Cross Domain Solution (CDS), a type of security capability that is used to connect discrete systems within separate security domains in an assured manner. 06 Oct 2021 Malicious email mitigation strategies Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails. 06 Oct 2021 Managed service providers: How to manage risk to customer networks There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks. 06 Oct 2021 Marketing and filtering email service providers This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf. 06 Oct 2021 Protecting against business email compromise Business email compromise is when malicious actors use email to abuse trust in business processes to scam organisations out of money or goods. Malicious actors can impersonate business representatives using similar names, domains or fraudulent logos as a legitimate organisation or by using compromised email accounts and pretending to be a trusted co-worker. 06 Oct 2021 Questions to ask managed service providers Asking the right questions to managed service providers can help organisations better understand the cybersecurity of their systems and the services they provide. Pagination Previous page ‹‹ Page 18 Next page ›› Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary