The Canadian Centre for Cyber Security has joined the Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) and the following international partners in releasing cyber security guidance on obtaining secure digital products or services:
- New Zealand National Cyber Security Centre (NCSC-NZ)
- United Kingdom (UK) National Cyber Security Centre (NCSC-UK)
- United States (US) Cybersecurity and Infrastructure Security Agency (CISA)
To protect users’ privacy and data from cyber threats, organizations must ensure they are choosing secure and verifiable technologies. When obtaining and operating digital products or services, organizations are responsible for evaluating suitability, security, and associated risks.
This guidance is designed to help organizations and manufacturers by:
- informing organizations of secure-by-design considerations when obtaining digital products and services
- assisting organizations in making informed, risk-based decisions about digital products and services
- informing manufacturers of secure-by-design considerations for digital products and services
- providing manufacturers with key security questions and expectations they can anticipate from their customers
By making informed and secure choices, organizations can purchase more secure products with less vulnerabilities, reducing the associated costs of managing product vulnerabilities.
Read the joint guidance Secure-by-Design: Choosing Secure and Verifiable Technologies.