I Need To...

Implement the Cert NZ Top 10 Critical Cybersecurity Controls

woman looking at laptop

Implement the Cert NZ Top 10

Reduce cyber security risks when you adopt the Cert NZ recommended cyber security controls and mitigation strategies.

Learn more

Protect against ransomware

Implement the Cert NZ Top 10 to protect against the threat of ransomware. A key strategy is application allowlisting

Read how

Take the manual effort out of patch

Patching can be costly, manual and slow. Cert NZ cyber recommends patching all systems and applications quickly.

Find out more

What are the Cert NZ Top 10?

The Cert NZ Top 10 Critical Controls, is a list of ten mitigation strategies for businesses and large organisations to prevent cyber security incidents. The National Computer Emergency Response Team New Zealand (CERT NZ) in agreement with the National Cyber Security Centre (NCSC) has developed the Top 10 strategies to improve security controls, protect organisations’ computing resources and systems and keep data secure against cyber security threats.

Strengthen security with multiple layers of defence

Cyber threats pose many challenges, and there’s no silver bullet to combat them. But you can radically improve your security with a multi-layered approach.

Discovery and inventory

Cert NZ recommends you understand your hardware & software assets before starting implementing the Top 10 critical controls.

Application Allowlisting

Allow only known authorized software to run to protect against Ransomware & Malware.

Patch the OS & Systems

Keep desktop and server, Windows and Linux platforms up to date.

Password Management

Implement a Zero Sign on experience to remove passwords.

Least Privilege

Implement a least privilege model to protect and limit lateral movement. Remove full admin rights to servers and define who can use specific devices and applications.

Secure Internet exposed devices

Control how applications are configured and interact with the system and user environment.

Manage macros

Secure use of macros and what they can do.

Multi factor authentication

Implement a Zero Sign on experience to remove passwords.

Network Segmentation

Deliver granular network controls integrated with a Zero Trust Framework.

You can also check the Cert NZ Government website which includes more information on the Top 10 mitigation strategies and how to implement them.