The output document entitled ‘Security of digital products and services: Reducing vulnerabilities and secure design: Good practices’ is a result of the partner inputs during the fourteen discussions of the Geneva Dialogue on Responsible Behaviour in Cyberspace (GD) in 2020 (May-November 2020), and a number of written contributions submitted in that period. As part of the GD, partners agreed to focus on defining secure design and vulnerability management, as well as associated implementation practices.
Based on these discussions, this document sets out the definitions related to secure design that have been agreed upon by the partners and highlights some of the best practices that the partners are following. The document also emphasises the organisational and planning resources and processes needed to implement those best practices, and lists some of the key resources recommended by partners.
This document is primarily targeting those developing software, hardware, cloud, and system solutions – primarily companies, but other institutions and organisations as well. Best practices and certain challenges can also be useful to both regulators and customers to better understand the environment in which digital products are being developed and secured.