Joint Guidance: Principles for security-by-design and -default

New Zealand’s National Cyber Security Centre (NCSC) has issued a joint guide in partnership with the United States of America's Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the cyber security authorities of Australia, Canada, the United Kingdom, Germany, and the Netherlands, as well as New Zealand’s Computer Emergency Response Team (CERT NZ).

The joint guide, titled Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default, recommends that software manufacturers adopt secure-by-design and secure-by-default practices, and that customer organisations should hold their manufacturers and suppliers to these standards. The guidance serves as a cyber security roadmap for manufacturers of technology and associated products.

Products that are secure-by-design are those where the security of the customers is a core business requirement, not just a technical feature. Secure-by-default products are those that are secure to use out of the box with little to no configuration changes or additional security costs. This first-of-its-kind cyber security guide on this topic from seven like-minded nations is intended to create a future where technology and associated products are safe for customers.

For queries related to this guidance, please contact: info@ncsc.govt.nz