Updated: Jun 5, 2022
Each year CERTNZ reviews their recommended list of critical controls based on the incidents they have seen in the prior 12 months.
CERTNZ is your first port of call when you need to report a cyber security problem. They are a government organsiation here to support businesses, organisations and individuals affected by cyber security incidents, to provide trusted and authoritative information and advice.
CERTNZ's Critical Controls 2022 are:
Patch your software and systems
Implement multi-factor authentication and verification
Provide and use a password manager
Configure logging and alerting
Asset lifecycle management
Implement and test backups
Implement application control
Enforce the principle of least privilege - minimum access levels
Implement network segmentation
Set secure defaults for macros
For more detail see CERTNZ Critical Controls 2022 and speak with your computer support specialist.