Global Cyber Security Alliances Release Essential Guide to Secure Procurement Practices

In a global push for cybersecurity, the ASD’s ACSC, CISA, CCCS, NCSC-UK, and NCSC-NZ released guidance on “Secure by Design” principles. The guidance aims to help organizations select verifiable, secure digital technologies, guiding both procurement processes and manufacturers towards enhanced security practices.

Hot Take:

It’s like a cybersecurity Avengers team-up! The cybersecurity agencies from five countries have joined forces to drop some wisdom on us mere mortals about how to buy tech without inviting the digital boogeyman into our lives. It’s about time we got a “How to not get hacked 101” guide from the pros!

  • The cybersecurity big leagues (ASD’s ACSC, CISA, CCCS, NCSC-UK, and NCSC-NZ) have come together to create a new guidance dubbed “Secure by Design: Choosing Secure and Verifiable Technologies.”
  • This guidance is a treasure trove of tips on what to consider internally and externally when buying digital products and services.
  • It includes handy dandy questions to ask during the procurement process. Think of it as your cheat sheet to avoid buying a lemon in the tech world.
  • Manufacturers aren’t off the hook either; they’re encouraged to align their development processes with secure by design principles.
  • Everyone’s invited to learn more about these principles on CISA’s “Secure by Design” webpage, because knowledge is power (and also because no one likes being hacked).

Need to know more?

When Five Heads are Better Than One

Imagine the cybersecurity version of the UN deciding it’s time to do something about how we buy our tech. That’s what’s happening here with teams from Australia, Canada, the UK, New Zealand, and the US. They’ve pooled their collective brainpower to help organizations make better choices. It’s like having five cybersecurity wizards casting a protective spell over your tech purchases.

Shopping for Tech Without the Regrets

The new guide isn’t just a list of dos and don’ts; it’s more like a philosophical treatise on the art of procuring tech. With a focus on ‘secure by design,’ it aims to engrain security into the product from the get-go rather than slapping it on like a clumsy afterthought. And let’s be honest, who doesn’t want their shiny new tech gadget to come with peace of mind built in?

Questions Are Your New Best Friend

The guidance offers sample questions to arm you during the procurement process. Think of these as your secret weapon, helping to discern the secure tech from the tech that’s about as useful as a chocolate teapot in terms of security. It’s like having a lie detector test at your fingertips when dealing with tech vendors.

A Nudge for the Creators

It’s not just buyers who are getting all the attention. The guidance gives a nudge to manufacturers too, pushing them towards integrating security into their development lifecycle. It’s a gentle reminder that they need to step up their game unless they want their products to be the weak link in a chain of digital security.

Everyone’s Invited to the Security Party

Lastly, this isn’t some exclusive members-only club. CISA and partners are practically rolling out the red carpet, inviting all organizations to peruse their guide. Whether you’re a small start-up or a gigantic corporation, there’s something in there for everyone. After all, in the world of cybersecurity, everyone’s a target, so everyone needs to be armed.
