Secure by Design

What Do Secure-by-Design and Secure-by-Default Mean?

CISA, the Federal Bureau of Investigation, the National Security Agency, and the cybersecurity authorities of Australia, Canada, the United Kingdom, Germany, the Netherlands, and New Zealand jointly developed and released guidance for technology manufacturers to establish Secure-by-Design and Secure-by-Default principles that raise the baseline level of cybersecurity for the organizations using their products.

Secure-by-Design refers to designing a system or product with security in mind from the beginning. This means considering potential security threats and vulnerabilities during the design phase and implementing security controls and best practices as part of the overall design. The goal of Secure-by-Design is to create systems and products that are inherently secure rather than relying on additional security measures to be added later on.

On the other hand, Secure-by-Default refers to configuring systems and products with secure settings by default. This means that the system or product is designed with security as a primary consideration, and users are not required to take additional steps to ensure security. Secure-by-Default helps to ensure that users are protected from common security threats without having to configure complex security settings themselves.

Both Secure-by-Design and Secure-by-Default are essential concepts in the world of cybersecurity. These principles help developers create products and systems that are more secure, resilient, and able to withstand cyber threats for a more sustainable security ecosystem. 

Secure-by-Design principles allow developers to build products and systems that are more secure, resilient, and able to withstand various cyber threats. This protects the organization and its customers, instills confidence in the marketplace, fosters trust, and enhances brand reputation. Secure-by-Design and Secure-by-Default are not just about creating secure products or systems but about creating a culture of security that permeates the entire organization.

Three Core Principles of Secure-by-Design

To improve the cybersecurity landscape, technology manufacturers are urged to adopt three Secure-by-Design core principles to guide the development and design process.

1. The burden of security lies on the manufacturer, not the customer

CISA believes software manufacturers need to take ownership of their security outcomes instead of depending on the customer to make backups and follow security procedures. There are many benefits to backing up data to an external drive or to the cloud, including convenience, reliability, and automation. But when customers purchase a product, it should already have built-in security features that prevent the most common cyber threats.

2. Adopt radical transparency and embrace accountability

Another aspect of Secure-by-Design will require manufacturers to compile and share information they learn from product deployments. This includes ensuring that CVE records are complete and accurate. Instead of viewing them as a negative metric, these records should drive security improvement for future releases.

3. Create an organizational structure to support Secure-by-Design practices

Executive-level involvement in Secure-by-Design principles is essential to their success. Partnerships with Security and IT leadership are crucial so that the board can understand how cybersecurity and other design principles affect the organization and the impact on customers.

Secure-by-Design and Secure-by-Default Best Practices

Here are some specific examples presented by CISA for technology manufacturers to incorporate Secure-by-Design and Secure-by-Default practices into the development process.

Secure-by-Design Best Practices

  • Prioritize the use of memory-safe languages
  • Incorporate architectural features that enable granular memory protection
  • Maintain well-secured software components
  • Use web template frameworks that implement automatic escaping of user input
  • Use parameterized queries
  • Perform static and dynamic application security testing
  • Ensure that code submitted into products goes through peer review by other developers
  • Create a software bill of materials to ensure visibility
  • Design infrastructure so the entire system isn’t compromised when a security control is breached
  • Design products that meet CISA cybersecurity performance goals
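Two of the practices above, parameterized queries and automatic escaping of user input, side by side with the pattern they replace. This is an added example, not code from CISA's guidance or from the page; the user table and the probe input are constructed for the demonstration.

```python
import html
import sqlite3

def make_db() -> sqlite3.Connection:
    # Constructed in-memory user store standing in for a product's database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "alice@example.test"), ("bob", "bob@example.test")])
    return conn

def find_user_concat(conn: sqlite3.Connection, name: str) -> list:
    # Pattern to avoid: the caller's string is spliced into the SQL text,
    # so the input can change the structure of the query, not just its data.
    return conn.execute(
        f"SELECT name, email FROM users WHERE name = '{name}'").fetchall()

def find_user_param(conn: sqlite3.Connection, name: str) -> list:
    # Parameterized query: the driver binds `name` as a value; whatever it
    # contains, the query still means "rows whose name equals this string".
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)).fetchall()

def render_greeting(name: str) -> str:
    # What an auto-escaping template framework does for every interpolation:
    # user-controlled text is escaped before it is placed into HTML markup.
    return f"<p>Hello, {html.escape(name, quote=True)}!</p>"

if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"   # constructed input; no real user has this name
    print(find_user_concat(db, probe))   # both rows: the WHERE clause was rewritten
    print(find_user_param(db, probe))    # []: the literal string matches nobody
    print(render_greeting("<b>admin</b>"))
```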

Secure-by-Default Best Practices

  • Get rid of default passwords for all products
  • Use single sign-on technology
  • Provide high-quality audit logs to customers for free
  • Integrate components of the “hardening guide” as the default configuration
  • Offer recommendations for authorized profile roles and their designated use cases
  • Prioritize security over backward compatibility
  • Integrate secure settings that cannot be changed
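How a product's configuration loader can embody several of these defaults at once: no vendor default password, audit logging on out of the box, a hardening-guide setting that deployments cannot turn off, and a refusal to accept weak overrides silently. This is an added example, not CISA's or any vendor's code; the setting names and the list of known default passwords are constructed for illustration.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Settings:
    # Hardened defaults the product ships with (constructed example settings).
    admin_password: str              # no built-in value: generated per install below
    tls_required: bool = True        # from the hardening guide; locked, see LOCKED
    audit_log_enabled: bool = True   # high-quality audit logs, on by default
    session_timeout_min: int = 15

LOCKED = {"tls_required"}   # secure settings that cannot be changed by a deployment
KNOWN_DEFAULTS = {"admin", "password", "changeme", "123456"}   # constructed list

def load_settings(overrides: dict) -> Settings:
    """Start from the hardened defaults and apply deployment overrides,
    rejecting the weak ones instead of quietly accepting them."""
    locked = [k for k in overrides if k in LOCKED]
    if locked:
        raise ValueError(f"locked setting(s) cannot be overridden: {locked}")
    unknown = [k for k in overrides if k not in Settings.__dataclass_fields__]
    if unknown:
        raise ValueError(f"unknown setting(s): {unknown}")
    password = overrides.get("admin_password")
    if password is None:
        # Unique per install: there is no shared default to get rid of later.
        password = secrets.token_urlsafe(24)
    elif password.lower() in KNOWN_DEFAULTS or len(password) < 12:
        raise ValueError("admin_password is a known default or too short")
    return Settings(**{**overrides, "admin_password": password})

if __name__ == "__main__":
    print(load_settings({}))                        # secure defaults, random password
    print(load_settings({"session_timeout_min": 5}))
    for bad in ({"tls_required": False}, {"admin_password": "admin"}):
        try:
            load_settings(bad)
        except ValueError as err:
            print("rejected:", err)
```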

How to Implement Secure-by-Design Practices

Manufacturers and software development organizations should work to implement Secure-by-Design practices to ensure an optimal cybersecurity posture for their company and their customers.

Here are three ways tech companies can start to implement Secure-by-Design practices.

1. Regular Meetings with Company Executives

Regular check-ins with leadership will reinforce the importance of implementing Secure-by-Design and Secure-by-Default practices and ensure that the correct policies and procedures are in place to reward production teams with appropriate incentives.

2. A Security-First Business Model

Make software security the number one priority by assigning a software security team that upholds security standards across the organization. This ensures manufacturers have a robust and effective security evaluation program at the center of product development.

3. Tailored Threat Models for Development

Using a tailored threat model throughout the development lifecycle helps teams prioritize the most critical and high-impact products based on their use case and capabilities. This enables development teams to build security into products from the start, avoiding costly rework and reducing the need for security updates after release.

Every security team wants Zero Trust—nobody gets or keeps access to anything until they prove and continue to prove who they are, that access is authorized, and they are not acting maliciously. That’s why organizations choose BlackBerry® Zero Trust Architecture powered by Cylance® AI to protect their people, data, and networks.