With a growing number of cyber threats endangering users’ privacy and data, organizations must ensure they are consistently choosing secure and verifiable technologies.

That, however, is not an easy task. Users have the responsibility to evaluate the suitability, security and risks associated with acquiring and operating a digital product or service. At the same time, it is important that users increasingly demand that manufacturers embrace and provide products and services that are secure-by-design and secure-by-default. In this way, consumers can increase their resilience, reduce their risks, and lower the costs associated with patching and incident response.

When an organization has determined a need to procure a digital product or service, it must consider whether the product or service is secure and whether that security will be maintained throughout its specified lifecycle.

Inadequate or poor security may expose organizations to increased and possibly unmanageable risks, as well as higher operational costs. Proactive integration of security considerations into the procurement process can assist in managing and significantly mitigating risks and reducing costs.

To that end, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), the Canadian Centre for Cyber Security (CCCS), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and New Zealand’s National Cyber Security Centre (NCSC-NZ) issued recommendations to act as a roadmap for choosing secure and verifiable technologies.

Secure-by-design is a proactive, security-focused approach taken by software manufacturers during the development of digital products and services that requires the purposeful alignment of cyber security goals across all levels of the manufacturing organization.

Secure-by-design requires manufacturers to consider cyber threats from the outset to enable mitigations through thoughtful design, development, architecture, and security measures. Its core value is to protect user privacy and data by designing, building and delivering digital products and services with fewer vulnerabilities.

Understanding the secure-by-design principles and practices that manufacturers should be applying when producing digital products and services will help procuring organizations make informed, secure choices.

By investing in secure products and services, organizations can reduce operating costs over time, enhancing profitability and organizational reputation to build long-term, sustainable corporate value.

Click here to review the entire Secure By Design paper.

ISSSource
