Secure by Design Principles
CDDO published a page similar to the content below, listing the Secure by Design principles and their associated activities. The activity links on this page direct you to the support that DfE CISD offers portfolios to help them complete these activities.
1. Create a responsibility for cyber security risk
Assign risk owners to be accountable for managing cyber security risks for a service throughout its lifecycle. These must be senior stakeholders with the experience, knowledge and authority to lead on security activities.
Outcomes:
- Cyber security is considered at the senior leadership level in accordance with the project risk appetite
- Appropriate resources are made available to manage security risks throughout the lifecycle
Activities:
- Considering security within the business case
- Identifying security resources
- Agreeing roles and responsibilities
2. Source secure technology products
Where third-party products are used, perform security due diligence by continually assessing platforms, software and code for security vulnerabilities. Mitigate risks and share findings with suppliers to help them improve product security.
Outcomes:
- Informed decisions are made on the trade-off between security, performance, usability and functionality
- Risks to others using third-party products are minimised
Activities:
3. Adopt a risk-driven approach
Establish the project’s risk appetite and maintain an assessment of cyber security risks to build protections appropriate to the evolving threat landscape.
Outcome:
- A dynamic risk management process that can respond to emerging threats
Activities:
- Considering security within the business case
- Working out the project’s security risk appetite
- Understanding cyber security obligations
- Documenting service assets
- Assessing the importance of service assets
- Sourcing a threat assessment
- Performing threat modelling
- Performing a security risk assessment
- Agreeing a security controls set for your service
- Responding to and mitigating security risks
- Retiring service components securely
4. Design usable security controls
Perform regular user research and implement findings into service design to make sure security processes are fit for purpose and easy to understand.
Outcomes:
- A secure service with security controls that minimise friction for users
- Insecure practices are avoided by removing incentives for users to find workarounds
Activities:
- Considering security within the business case
- Understanding business objectives and user needs
- Responding to and mitigating security risks
- Assessing the effectiveness of security controls
5. Build in detect and respond security
Design for the inevitability of security vulnerabilities and incidents. Integrate appropriate security logging, monitoring, alerting and response capabilities. These must be continually tested and iterated.
Outcomes:
- The effective capability to detect, respond to and recover from incidents
- Fewer weak points where compromises could occur or go undetected
Activities:
- Responding to and mitigating security risks
- Assessing the effectiveness of security controls
- Implementing a vulnerability management process
- Discovering vulnerabilities
- Managing observability
6. Design flexible architectures
Implement digital services and update legacy components to allow for easier integration of new security controls in response to changes in business requirements, cyber threats and vulnerabilities.
Outcomes:
- Changes are made without compromising on security
- Faster response is provided to evolving cyber threats
Activities:
7. Minimise the attack surface
Use only the capabilities, software, data and hardware components necessary for a service to mitigate cyber security risks while achieving its intended use.
Outcomes:
- Reduced opportunities for potential attackers to exploit vulnerabilities in a service
- A service that is more cost-effective to operate and maintain
Activities:
- Documenting service assets
- Performing threat modelling
- Responding to and mitigating security risks
- Assessing the effectiveness of security controls
- Discovering vulnerabilities
- Managing observability
- Retiring service components securely
8. Defend in depth
Create layered controls across a service so it’s harder for attackers to fully compromise the system if a single control fails or is overcome.
Outcomes:
- The time, effort and cost required for an attacker to compromise a service are increased
- The impact of vulnerabilities is kept more contained
Activities:
9. Embed continuous assurance
Implement continuous security assurance processes to create confidence in the effectiveness of security controls, both at the point of delivery and throughout the operational life of the service.
Outcomes:
- Risk owners are provided with evidence that security controls and capabilities operate as intended
- The service is built and maintained with the appropriate controls required to mitigate the security risks
- Security controls operate effectively and are updated to reflect changes in the service or threat landscape
Activities:
- Considering security within the business case
- Working out the project’s security risk appetite
- Assessing the effectiveness of security controls
10. Make changes securely
Embed security into the design, development and deployment processes to ensure that the security impact of changes is considered alongside other factors.
Outcome:
- The security of the service is not compromised by changes or updates
Activities: