Skip Navigation

  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
  • Research

Welcome

We are the Government authority which provides protective security advice to businesses and organisations across the national infrastructure.

Our advice aims to reduce the vulnerability
of the national infrastructure
to terrorism and other threats,
keeping the UK's essential services safer

What we do

What we do

Our advice aims to reduce the vulnerability of the national infrastructure to terrorism and other threats, keeping the UK's essential services (delivered by the communications, emergency services, energy, finance, food, government, health, transport and water sectors) safer. CPNI advice is targeted primarily at the critical national infrastructure (CNI) - those infrastructure assets (physical or electronic) that are vital to the continued delivery and integrity of the essential services upon which the UK relies, the loss or compromise of which would lead to severe economic or social consequences or to loss of life

What we do

What's new


General

  • Personnel security in offshore locations [26/06/2009]

    How good practice personnel security measures, designed to mitigate the insider threat, can be applied effectively overseas
  • Networks [01/06/2009]

    Good practice guidance - Resilience in converged networks now published
  • Overseas criminal records checks [01/05/2009]

    Associated with the pre-employment screening guidance is CPNI commissioned research on overseas criminal record checks
  • Personnel security measures [01/05/2009]

    An updated version of CPNI's good practice guidance on pre-employment screening is now available

Advisories

  • May 09 - Keystroke Logging [28/05/2009]

  • Feb 09 - Security assessment of the Transmission Control Protocol (TCP) [09/03/2009]

    This document is the result of a security assessment of the IETF specifications of the Transmission Control Protocol (TCP), from a security point of view.
  • How to protect Information Assets from theft and exfiltration by Third Parties and Contractors [02/10/2008]

    Recommendations to prevent data being copied and removed from organisational premises without permission.

What's new

What we do

Top ten security guidelines

The following is a summary of our ten protective security tips:

  • assess the risks to your business
  • consider security first when planning building works
  • establish a security culture in your business
  • keep premises clear and tidy
  • control access points and use staff and visitor passes
  • install physical measures e.g. locks, alarms, CCTV, lighting etc
  • establish good mail handling procedures
  • recruit carefully, checking identities and following up references
  • take proper IT security precautions
  • test your business continuity plans regularly

Top ten security guidelines

  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |