The Canadian Centre for Cyber Security (Cyber Centre) has joined the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the following international partners in releasing cyber security guidance on managing cryptographic keys and secrets:
- Australia’s Department of Industry Science and Resources (DISR)
- Japan’s Computer Emergency Response Team Coordination Center (JPCERT/CC)
- Japan’s National Cybersecurity Office (NCO)
- New Zealand’s National Cyber Security Centre (NCSC-NZ)
- United Kingdom’s National Cyber Security Centre (NCSC-UK)
Cryptographic keys and secrets are a critical asset of many organizations and an important aspect of cyber security. They require careful management and protection throughout their lifecycle. When an organization’s keys or secrets have been compromised, it can have significant negative impact on its operations, finances and reputation.
This joint guidance is intended for security personnel and considers threats to the following types of cryptographic keys and secrets:
- Asymmetric keys
- Digital certificates
- Symmetric keys
- Secrets
This joint guidance aims to help personnel understand the threat environment and the value of implementing secure keys and managing secrets.
Read the full joint guidance: Managing Cryptographic Keys and Secrets