New guidance, written by a group of national cyber security agencies, explores the use of security-by-design to improve cyber resilience. The agencies are encouraging manufacturers of technology and associated products to take more responsibility for cyber security during the design and development process.
‘Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles’ serves as a cyber security roadmap for manufacturers of technology and associated products. Manufacturers are 'urged to put cyber security first, during the design phase of a product’s development lifecycle, to decrease user risk and provide out-of-the-box user protections by default at no extra charge'.
This guide ‘represents an international effort to reduce exploitable vulnerabilities in technology used by the government and private sector organizations’. It has been developed by CISA, Federal Bureau of Investigation, National Security Agency, Australian Cyber Security Centre, Canadian Centre for Cyber Security, New Zealand’s Computer Emergency Response Team, United Kingdom’s National Cyber Security Centre, Germany’s Federal Office for Information Security (BSI), and the Netherlands’ National Cyber Security Centre.