The Quad nations have established a new set of secure-by-design principles that will be applied to government and government contractors, in an effort to reduce the frequency of software vulnerabilities and lower the impact when threat actors abuse them.
Following a meeting in Hiroshima during the G7 summit, the Quad partners, made up of Australia, India, Japan and the US, have published the Quad Cybersecurity Partnership: Joint Principles for Secure Software.
The document names a number of guidelines that government agencies and contractors will be required to meet as part of its move to ensure “high-level secure software development practices”.
“The Quad Senior Cyber Group reaffirms our commitment to collectively improve software security by establishing minimum cyber security guidelines for governments to guide their development, procurement, and use of software,” it said.
“The Quad intends to pursue the following high-level secure software development practices and to adopt them into existing government policy, acquire software that meets these practices, and encourage software developers/suppliers to implement them.”
The Quad nations stated that the following practices would be put into place:
The document said that each member nation of the Quad would build its own frameworks in line with international and domestic laws and regulations.
While the guidelines are currently only aimed at those interacting with the government, Home Affairs Secretary Mike Pezzullo said that banks and telcos could follow.
“Whether by principle or by direction, they’ll probably impose [the guidelines] on banks and telcos etc.,” he told Senate estimates on Monday (22 May).
Pezzullo’s comments at the Senate estimates come off the back of similar suggestions from the shadow minister for cyber security James Paterson, who raised the idea that the government crackdown on Chinese software and hardware, such as cameras, could be applied to non-government entities, specifically critical infrastructure operators.
During his talk at the Senate estimates, Pezzullo also revealed that the Home Affairs department had placed a block on ChatGPT use by public servants, citing a lack of “proprietary engagement” as the reason.
The block, while not permanent, would prevent the artificial intelligence (AI) tool from being used at an individual level and require those looking to use it to gain special approval.