Critical controls
For each control we provide a page summarising the intent and success measures for decision makers. We have a separate page providing implementation advice for practitioners.
This is the third year of CERT NZ’s ten critical controls for organisations. These controls would prevent, detect, or contain most of the attacks we’ve seen in the past year.
Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays secure.
Unused or older services and protocols often have their own vulnerabilities. Proactively scan your network for any that are not used or vulnerable, and disable them.
After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and testing backups often will help prevent the loss of data in the event of an incident.
Application whitelisting is a method of strictly controlling what programs can be run in your environment.
The principle of least privilege means only having the access you need to do your job.
Storing and securing your logs in a central place makes log analysis and alerting easier.
When paired together, segmentation and separation can add an additional level of access control and security to your network, systems, and data.
Using a combination of authentication security controls can protect your organisation from a wide range of unauthorised access attacks.
Tracking assets throughout their lifecycle allows your organisation to securely carry out system hardening, patching and asset decommissioning.
While macros have a valid business function, they are often used by attackers too. Using secure default configurations will help protect your machine against malicious macros.