Ngā Tikanga Whakamaru Waiwai Critical Controls

When correctly implemented, our Critical Controls will prevent, detect, or contain the majority of the attacks we’ve seen in the past year.

Critical Controls

Critical Controls: Summary

When correctly implemented, these Critical Controls can prevent, detect, or contain the majority of cyber attacks.

Principle of least privilege

Make sure staff only have access to the networks and systems they need to do their job.

Patching

Keep software within your environment up to date, and understand the risk of delaying or cancelling patches and updates.

Password managers

Organisations should provide a password manager tool to all staff who have access to their systems and accounts.

Network separation and segmentation

Segmentation and separation can add an additional level of access control and security to the network, systems and data.

Multi-factor authentication and verification

This control requires users to provide additional verification when authenticating to critical business systems.

Implement and test backups

After an incident, restoring your data from backups is often the best way to return to business as usual.

Centralised logging

This control helps you store and secure your logs in a central place.

Build security awareness in your organisation

This control helps you build cyber security awareness in your organisation and create a positive security culture.

Asset lifecycle management

The intent of this control is to help organisations record, track, and maintain every system asset they use.

Application control

A set of security practices and controls designed to manage and restrict programs that run in your environment.