Skip Navigation

  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
  • Research

Welcome

We are the Government authority which provides protective security advice to businesses and organisations across the national infrastructure.

Our advice aims to reduce the vulnerability
of the national infrastructure
to terrorism and other threats,
keeping the UK's essential services safer

What we do

What we do

Our advice aims to reduce the vulnerability of the national infrastructure to terrorism and other threats, keeping the UK's essential services (delivered by the communications, emergency services, energy, finance, food, government, health, transport and water sectors) safer. Without these services, the UK could suffer serious consequences, including severe economic damage, grave social disruption, or even large scale loss of life. CPNI advice is targeted primarily at the critical national infrastructure (CNI) - those key elements of the national infrastructure which are crucial to the continued delivery of essential services to the UK.

What we do

What's new


General

  • Viewpoints [01/09/2008]

    A new CPNI Viewpoint paper has been published discussing Domain Name System (DNS).

  • CPNI events [03/07/2008]

    CPNI is holding a food defence conference on 24 October 2008

  • SCADA [12/06/2008]

    Updated good practice guidance on securing process control and SCADA systems is now available.

  • Screening [29/02/2008]

    The law on preventing illegal working in the UK has changed. Employers will need to be aware of their responsibilities.

  • Personnel security measures [09/01/2008]

    'Personnel Security: Threats, Challenges and Measures' an introductory guide to personnel security has now been published. This replaces and significantly expands on 'Personnel Security: Managing the Risk'.

Advisories

  • 3680 - Security Assessment of the Internet Protocol [15/08/2008]

    A new CPNI document that aims to raise the awareness of the many security threats from attacks based on the Internet protocol.

  • 3654 - Multiple DNS implementations vulnerable to cache poisoning [08/07/2008]

    Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Effective attack techniques against these vulnerabilities have been demonstrated.

  • 3649 - APPLE-SA-2008-06-30 Security Update 2008-004 and Mac OS X v10.5.4 [01/07/2008]

    Apple have released security ipdate 2008-004 and Mac OS X v10.5.4 that address a number of issues.

  • 3623 - Malware Installed on Removable Media [30/05/2008]

    CSIRTUK have been made aware of an increase in malware (often referred to as computer virus) pre-installed on peripherals and removable media. This advisory raises awareness of the growing threat.

What's new

What we do

Top ten security guidelines

The following is a summary of our ten protective security tips:

  • assess the risks to your business
  • consider security first when planning building works
  • establish a security culture in your business
  • keep premises clear and tidy
  • control access points and use staff and visitor passes
  • install physical measures e.g. locks, alarms, CCTV, lighting etc
  • establish good mail handling procedures
  • recruit carefully, checking identities and following up references
  • take proper IT security precautions
  • test your business continuity plans regularly

Top ten security guidelines

  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |