Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), together with CISA, the Canadian Centre for Cyber Security (CCCS), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and the New Zealand National Cyber Security Centre (NCSC-NZ) are releasing the following guidance: Secure by Design Choosing Secure and Verifiable Technologies. This guidance was crafted to provide organizations with secure by design considerations when procuring digital products and services.Â

The guidance contains a range of internal and external considerations and offers sample questions to leverage at each stage of the procurement process. Additionally, the guidance informs manufacturers on steps they should be taking to align their development processes to secure by design principles and practices.

CISA and partners encourage all organizations to read the guidance to assist with making secure and informed choices when procuring digital products and services. Software manufacturers are also encouraged to incorporate the secure by design principles and practices found in the guidance. To learn more about secure by design principles and practices, visit CISA’s Secure by Design webpage.Â

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

CISA Adds Three Known Exploited Vulnerabilities to Catalog

April 24, 2024 0 Comments 0 tags

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20353 Cisco ASA and FTD Denial of Service Vulnerability CVE-2024-20359 Cisco ASA and FTD

Three New Critical Vulnerabilities Uncovered in Argo

March 18, 2024 0 Comments 0 tags

The flaws, identified by KTrust, enable attackers to bypass rate limits and brute force protection mechanisms

Operation Cronos: Who Are the LockBit Admins

February 23, 2024 0 Comments 0 tags

Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp