NCSC Secure Design Principles – Guides for the Design of Cyber Secure Systems

The UK National Cyber Security Centre published guidance on how to get the most from the secure design principles.

These principles are intended to help ensure that the networks and technologies which underpin modern life are designed and built securely.

The NCSC has divided each set of principles into five categories, loosely aligned with stages at which an attack can be mitigated:

  • Establish the context
    Determine all the elements which compose your system, so your defensive measures will have no blind spots.
  • Making compromise difficult
    An attacker can only target the parts of a system they can reach. Make your system as difficult to penetrate as possible
  • Making disruption difficult
    Design a system that is resilient to denial of service attacks and usage spikes
  • Making compromise detection easier
    Design your system so you can spot suspicious activity as it happens and take necessary action
  • Reducing the impact of compromise
    If an attacker succeeds in gaining a foothold, they will then move to exploit your system. Make this as difficult as possible

Leave a Reply

scroll to top