If your organisation uses cryptographic keys and secrets within your information environment, it’s crucial you understand how they can be compromised by malicious cyber actors.
Knowing the current and emerging threat environment enables you to implement relevant security mitigations to prevent, minimise and detect compromise. This will reduce the overall impact to your organisation.
We have collaborated with the Department of Industry Science and Resources (DISR) and our international partners to release Managing cryptographic keys and secrets.
The publication is written for organisational security personnel – including architects, IT security, crypto custodians and managers – whose organisations rely on, use or manage cryptographic keys and secrets. The advice applies to Cloud Service Providers and enterprise organisations with on-premises or hybrid environments.
Secure key and secret management is a key pillar of ASD’s Secure-by-Design Foundations. Foundation 2: Early and sustained security encourages a ‘security-first’ approach when developing and procuring IT products.
Learn more about managing cryptographic keys and secrets for your organisation.