Ollie Whitehouse's Avatar

Ollie Whitehouse

@ollieatnowhere

CTO at the UK's National Cyber Security Center

2,462
Followers 16
Following 146
Posts 01.12.2023
Joined
Posts Following

Latest posts by Ollie Whitehouse @ollieatnowhere

Preview
CTO at NCSC Summary: week ending March 1st Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN, and full updating and hardening.

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

28.02.2026 10:04 πŸ‘ 1 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending March 1st Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN, and full updating and hardening.

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

28.02.2026 10:04 πŸ‘ 1 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
Exploitation of Cisco Catalyst SD-WAN Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN, and full updating and hardening.

Exploitation of Cisco Catalyst SD-WAN

Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN, and full updating and hardening.

www.ncsc.gov.uk/news/exploit...

25.02.2026 20:31 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1
Preview
Exploitation of Cisco Catalyst SD-WAN Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN, and full updating and hardening.

Exploitation of Cisco Catalyst SD-WAN

Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN, and full updating and hardening.

www.ncsc.gov.uk/news/exploit...

25.02.2026 20:31 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 1
Preview
CTO at NCSC Summary: week ending February 22nd Malicious cyber activity is a burden on business and the way this burden and cost is minimised is through increased resilience...

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

21.02.2026 10:29 πŸ‘ 3 πŸ” 5 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending February 22nd Malicious cyber activity is a burden on business and the way this burden and cost is minimised is through increased resilience...

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

21.02.2026 10:29 πŸ‘ 3 πŸ” 5 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending February 15th Organisations with experience in external attack surface management can help NCSC UK shape future Active Cyber Defence 2.0 services

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

14.02.2026 09:55 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending February 15th Organisations with experience in external attack surface management can help NCSC UK shape future Active Cyber Defence 2.0 services

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

14.02.2026 09:55 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
Improving your response to vulnerability management How to ensure the β€˜organisational memory’ of past vulnerabilities is not lost.

At the @ncsc.gov.uk we have today released reflections on how to ensure the β€˜organisational memory’ of past vulnerabilities is not lost in technology producers.

www.ncsc.gov.uk/blog-post/im...

10.02.2026 14:31 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending February 8th Nation-state threat actors exploit end-of-support (EOS) edge devices -ncluding, but not limited to, load balancers, firewalls, routers, and virtual private network (VPN) gateways

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

07.02.2026 09:58 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending February 8th Nation-state threat actors exploit end-of-support (EOS) edge devices -ncluding, but not limited to, load balancers, firewalls, routers, and virtual private network (VPN) gateways

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

07.02.2026 09:58 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending February 1st Cyber incidents targeting organisations – particularly those against critical national infrastructure (CNI) – are becoming more frequent, sophisticated and potentially destructive.

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

01.02.2026 10:33 πŸ‘ 3 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending January 25th NCSC issues warning over hacktivist groups disrupting UK organisations and online services

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

25.01.2026 08:49 πŸ‘ 5 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0
Preview
Pro-Russia hacktivist activity continues to target UK organisations The NCSC encourages local government and critical infrastructure operators to harden their β€˜denial of service’ (DoS) defences

Today the NCSC has issued a warning highlighting Pro-Russian Hacktivist groups are targeting sectors across the UK.

All organisations are urged to act now by reviewing and implementing our free guidance to protect against DoS attacks.

19.01.2026 16:20 πŸ‘ 12 πŸ” 11 πŸ’¬ 0 πŸ“Œ 1
Preview
CTO at NCSC Summary: week ending January 18th We have time to ensure and assure we get the outcome we want, but we don’t have limitless time. As such urgency, pace and relentless focus are the imperatives when it comes to technology security..

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

18.01.2026 08:03 πŸ‘ 4 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending January 18th We have time to ensure and assure we get the outcome we want, but we don’t have limitless time. As such urgency, pace and relentless focus are the imperatives when it comes to technology security..

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

18.01.2026 08:03 πŸ‘ 4 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
The NCSC would like to see passkeys become the default authentication recommendation

The NCSC would like to see passkeys become the default authentication recommendation

Passkeys provide an easier, faster and more secure way to log into online accounts than passwords.πŸ—οΈ

Read more about how the NCSC is keeping pace with evolving technology⬇️

https://www.ncsc.gov.uk/collection/ncsc-annual-review-2025/chapter-03-keeping-pace-with-evolving-technology

10.01.2026 15:43 πŸ‘ 61 πŸ” 19 πŸ’¬ 3 πŸ“Œ 9

At @ncsc.gov.uk supported by international partners released guidance on Secure connectivity principles for operational technology (OT) - go forth and secure..

Blog:
www.ncsc.gov.uk/blog-post/de...

Guidance:
www.ncsc.gov.uk/collection/o...

#OT #CyberSecurity

17.01.2026 07:47 πŸ‘ 3 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending January 11th DSIT, with the support of the NCSC, has refreshed the Government’s Cyber Security Strategy (GCSS) to form the Government Cyber Action Plan (GCAP)..

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

10.01.2026 08:20 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending January 4th Happy New Year...

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

03.01.2026 07:52 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending December 28th Addressing fundamentals move dials - be it architectures (cross-domain, privileged access workstations etc), approaches (external attack surface management, deception), or solutions (passkeys).

Weekly summary is out...

ctoatncsc.substack.com/p/cto-at-ncs...

27.12.2025 08:26 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending December 28th Addressing fundamentals move dials - be it architectures (cross-domain, privileged access workstations etc), approaches (external attack surface management, deception), or solutions (passkeys).

Weekly summary is out...

ctoatncsc.substack.com/p/cto-at-ncs...

27.12.2025 08:26 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Toughen up your online security. Turn on 2-step verification now

Toughen up your online security. Turn on 2-step verification now

If you're looking out for good Boxing Day deals, stay ahead of scams by enabling 2-Step Verification (2SV).

Keep the fraudsters out of your online accounts with an extra step to verify your identity after a login attempt.

Learn more:
https://stopthinkfraud.campaign.gov.uk/

26.12.2025 10:56 πŸ‘ 8 πŸ” 3 πŸ’¬ 0 πŸ“Œ 2
Preview
CTO at NCSC Summary: week ending December 21st - nearly Christmas edition β„οΈπŸŽ„πŸŽ…πŸ€ΆπŸŽ„β„οΈ β€œAlongside the grinding war, Russia is testing us in the grey zone with tactics that are just below the threshold of war."

Weekly summary is out...

ctoatncsc.substack.com/p/cto-at-ncs...

20.12.2025 09:13 πŸ‘ 3 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending December 21st - nearly Christmas edition β„οΈπŸŽ„πŸŽ…πŸ€ΆπŸŽ„β„οΈ β€œAlongside the grinding war, Russia is testing us in the grey zone with tactics that are just below the threshold of war."

Weekly summary is out...

ctoatncsc.substack.com/p/cto-at-ncs...

20.12.2025 09:13 πŸ‘ 3 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending December 14th β€œOne of the most promising aspects of cyber deception is its potential to impose cost on adversaries." - NCSC

Weekly summary is out...

ctoatncsc.substack.com/p/cto-at-ncs...

13.12.2025 09:44 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Cyber deception trials: what we’ve learned so far An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.

At @ncsc.gov.uk we have been running cyber deception experiments across 121 organisations from across the UK..

.. the team have just shared our insights ..

www.ncsc.gov.uk/blog-post/cy...

11.12.2025 19:56 πŸ‘ 9 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0
Preview
Cyber deception trials: what we’ve learned so far An update on the NCSC's trials to test the real-world efficacy of cyber deception solutions.

At @ncsc.gov.uk we have been running cyber deception experiments across 121 organisations from across the UK..

.. the team have just shared our insights ..

www.ncsc.gov.uk/blog-post/cy...

11.12.2025 19:56 πŸ‘ 9 πŸ” 4 πŸ’¬ 0 πŸ“Œ 0

Prompt injection != SQL injection - There are crucial differences between prompt and SQL injection which – if not considered – can undermine mitigations.

09.12.2025 09:24 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Preview
CTO at NCSC Summary: week ending December 7th Patch those React and Next.JS servers... please..

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

06.12.2025 09:36 πŸ‘ 3 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0