Alongside our international partners, we have updated the Choosing secure and verifiable technologies publication to include additional insights to help organisations understand where products and services are exposed to threats in their supply chain. The publication informs people working in IT and operational technology of the secure-by-design principles to consider when procuring digital products and services, and empowers them to demand that technology manufacturers provide secure and verifiable technologies.
We have also developed supporting executive guidance for senior leaders in organisations. The summary aims to help senior leaders make better informed ICT procurement assessments and decisions, highlighting the need to understand how secure-by-design can reduce the risk to their organisation. The publication supports them to implement and follow secure-by-design principles.
Both publications have been co-authored alongside:
- Cybersecurity and Infrastructure Security Agency (CISA);
- Canadian Centre for Cyber Security (CCCS)
- National Cyber Security Centre UK (NCSC-UK)
- National Cyber Security Centre New Zealand (NCSC-NZ)
- Republic of Korea’s National Intelligence Service (NIS) and National Cyber Security Center (NCSC)
Choosing secure and verifiable technologies builds on the Secure-by-Design Foundations, which assists technology manufacturers and technology consumers to adopt secure-by-design principles.
Read the updated Choosing secure and verifiable technologies publication and executive guidance.