Critical Controls
Patching
Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays
Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays
A mobile device is any portable device that can access and hold organisational data. It's important to secure these devi
The traffic light protocol (TLP) is a set of designations used to ensure that sensitive information is shared with the c
After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and
CERT NZ Incident Response Manager Nadia Yousef provides an insight into ransomware and how organisations can protect the
Application allowlisting (otherwise known as whitelisting) is a method of strictly controlling what programs can be run
If you find a vulnerability in a service or product, you should report it to the individual or organisation (the 'vendor
A vulnerability is a weakness in software, hardware, or an online service. Vulnerabilities can be exploited to damage a
The principle of least privilege means only having the access you need to do your job. Restricting the level access to o
CERT NZ’s latest report shows Kiwis reported more than 1,400 cyber security incidents from 1 January to 31 March.
Change the passwords on any systems that come with default credentials before you use the systems in your environment.
Storing and securing your logs in a central place makes log analysis and alerting easier.