Security-by-design and-default guidelines outlined by governments, including US, UK

|
Categories Digital Infrastructure News
Security-by-design and-default guidelines outlined by governments, including US, UK

The cybersecurity authorities of Australia, United Kingdom, Canada, Germany, Netherlands and New Zealand, including CISA and the FBI, have jointly published “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default”. The report outlines steps technology providers can take to increase the safety of products used worldwide.

The guide comes in response to growing concerns about digital threats faced by global citizens. As the National Cyber Security Centre Netherlands director Hans de Vries says, “In a world rapidly digitalizing, citizens should be protected from digital threats.”

This joint guidance encourages software manufacturers to create secure-by-design and -default products by revamping design and development programs. It urges them to take urgent steps towards this goal to ensure that technology and associated products are safe for customers.

Rob Pope, the director of the Computer Emergency Response Team New Zealand, also shares his thoughts on the importance of security-by-design and security-by-default, saying, “By creating secure products, both by design and by default, manufacturers can take much of the burden from end users.”

This guidance outlines core principles for software manufacturers to follow when designing and shipping their products, including taking ownership of security outcomes, embracing transparency and accountability and building the proper organizational structure.

The guide was created in partnership with many private sector organizations that provided invaluable contributions to advancing secure-by-design and security-by-default. The guide’s authors hope it will promote an international conversation about investments and decisions necessary to achieve a secure and resilient future.

Overall, it seeks to help organizations understand their responsibility for the security of end users. As Lisa Fong, the deputy director-general of the National Cyber Security Centre New Zealand (NCSC-NZ), notes, “Customers should have confidence that technology products are designed with information security as a key factor from the outset.”

Previous Article:

Article Topics

 |   |   |   |   |   |   |   | 

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Sponsored Links

Avassa: Empowers companies to bridge the gap between modern containerized applications development and operations and distributed edge infrastructure. https://avassa.io/

DataBank: We believe there is a different edge to be served - the “middle edge" - that will become the first step for many in their journey to the edge. https://www.databank.com/

Latitude.sh: Where the power of bare metal meets the flexibility of the cloud. Deploy physical servers across 23 global locations in as little as 5 seconds. https://www.latitude.sh/

Zenlayer: A massively distributed edge cloud service provider operating over 270 PoPs around the world, with expertise in fast-growing emerging markets. https://www.zenlayer.com/

OnLogic: A global industrial PC manufacturer and solution provider focused on hardware for IoT and edge AI, OnLogic designs highly-configurable computers engineered for reliability. https://www.onlogic.com/

Featured Company

Learn More

Latest News