Why we use Secure by Design
Cyber threats
The constant developments in digital and cyber technology mean we need to evolve to stay secure.
The risk of cyber-attack is one of the highest that is managed by the Defence Board. The government, allies and partners are required to address cyber risk through the 7 strategic priorities. Secure by Design is the first of these.
The risk of cyber-attack is one of the highest that is managed by the Defence Board. The government, allies and partners are required to address cyber risk through the 7 strategic priorities. Secure by Design is the first of these.
Risks
Cyber attack
Poor cyber security aids our enemies and makes us more vulnerable to attacks on infrastructure, compromises our security, and gives them a significant strategic advantage.We need to build cyber resilience into our capabilities so that we can rapidly evolve and respond to cyber attacks during peace and times of conflict.
Service impact
Failure to include security from the start impacts on cost, scheduling and reputation. It is a myth that security can become part of a system/service later in the lifecycle. It cannot, so you must consider it from the start.Reputation
A lack of consideration of cyber security throughout the lifecycle of capabilities increases the impact of reputational damage to Defence, capabilities and the accountable Senior Responsible Owner (SRO) or suitable equivalent.Benefits
Benefits to Defence:
- improved national security protection and resilience of Defence outcomes by prioritising security from the start and reducing cyber security risk
- safeguarding sensitive data and compliance with regulations
- cyber security risk management throughout with individuals making the right decisions at each stage of the capability lifecycle
- reducing cyber security compromise by identifying risk
- enough flexibility for new technology to be assessed, adapted and exploited
Benefits to delivery teams:
- delivering capability and value as rapidly and securely as possible
- reduced burden on time, cost and performance
- making better decisions from a comprehensive view of cyber security risks throughout the lifecycle
- security is part of governance
- allowing everyone in a delivery team to be active participants
- cost-effectiveness by having security as part of a design process from the start rather than retrofitting at cost later on
Benefits to users:
- better and secure for users
- increased confidence in achieving their missions