Threat Modeling for Critical Infrastructure
Featured article
A discussion of the importance of critical function understanding to establish a consequences-centric security engineering approach
Most organizations have underutilized security capabilities at their fingertips, as vendors frequently add new features that are not enabled by default. Rather than overspending on new security tools, optimize what you have, reducing attack surface and complexity.
Cyber Informed Engineering a methodology proposed by US Department of Energy to establish Secure by Design thinking in the engineering process to achieve Critical Function Assurance. It leverages 12 core principles focused on reducing the consequences of failure for an organization's most critical functions.
The topic of Secure by Design encompasses the practice of designing for security as a functional requirement. It embodies a culture of understanding and empowerment in pursuit of designing and implementing more resilient systems.