Building Resilient Layered Defenses with a Cyber FMEA
Using Failure Mode effects Analysis (FMEA) as a means for validating security defenses and understanding and preparing for failure of tools.
Most organizations have underutilized security capabilities at their fingertips, as vendors frequently add new features that are not enabled by default. Rather than overspending on new security tools, optimize what you have, reducing attack surface and complexity.
The practice of threat modeling is an important component of a Secure by Design approach. It’s where we identify the product or system we are working on and analyze threats and weaknesses we want to mitigate to avoid undesirable consequences. We should be left with a set of achievable outcomes we can implement, monitor, and measure and work into future threat modeling cycles in a continuous fashion to reduce risk in our environment.
The topic of Secure by Design encompasses the practice of designing for security as a functional requirement. It embodies a culture of understanding and empowerment in pursuit of designing and implementing more resilient systems.