Security by Design vs Cyber Immunity (and a famous story about rabbits)

Learning from the wise owl how to follow Security by Design
Alexander Vinyavsky
Technology Evangelist

Security by Design provides a simple and elegant conceptual answer to the problems with existing approaches to cybersecurity. The idea is that cybersecurity should not be an add-on feature or non-functional requirement (like usability, which is obviously not a priority for developers). Instead, security should be an inherent property of the system.

However, the Security by Design ideology and its various descriptions remind me of the famous joke about rabbits, hedgehogs and the wise owl.

Here’s our interpretation:

  1. Once upon a time, more and more wolves were being born in the forest, so the rabbits decided to ask the wisest creature in the forest, the owl, what to do.
  2. The owl thought for a while and said: “You should become Secure by Design (like hedgehogs)”.
  3. The rabbits liked the advice. “But … how do we become Secure by Design (like hedgehogs)?” they asked.
  4. “I’m sorry, I don’t handle questions like that, I only give strategic advice.”

Security by Design as an ideology doesn’t say a lot about what exactly should be done to implement innate protection.

But Cyber Immunity does, with:

  1. An approachable methodology (how exactly to organize the process and what results/artefacts are needed at each step)
  2. Design requirements (how exactly the system should be designed to implement Security by Design in a cost-effective way)

Inspired by a story told by Alexey Matyushin, Senior Security Analyst at Kaspersky
