Peer Reviewed

Secure Systems Development

A secure IT system needs to be a resilient and available IT system. Good security doesn’t usually happen by accident. Secure Systems Development is rooted in good engineering practices. Many security issues that occur can be traced back to problems that could have been avoided at the design and build stages or prevented through good management and effective maintenance engineering. Development starts with understanding what you need to protect and the consequences of that protection failing, an understanding that is formed by thinking about what you have, who could compromise it, why they might want to and how that could happen. The secure IT system affords appropriate security functionality to its users and exhibits the right security characteristics. Secure Systems Development is a responsibility that has to be shared by all those contributing to the systems development lifecycle; some will of course have greater responsibility than others but all need to recognise that they should be aware of risks, follow good practices and report anything that doesn’t seem right. Whilst much of the security of a system can be attributed to the technologies used and the processes that are in place, ultimately it is the people that make up the teams that build and operate the system who really make the difference. Even the best security products are likely to fail if they are not implemented and operated correctly.

Go to the profile of John Alcock
Dec 09, 2016

Please sign in or register for FREE

Register to E&T Cyber Security Hub

E&T Cyber Security Hub brings together engineers and cyber security specialists to share practical know-how. With content created ‘by engineers, for engineers,’ it provides peer-reviewed technical information, real-world insights, lessons learnt and case studies, as well as tools for networking and knowledge-sharing, profiles of experts and the opportunity for companies to showcase their expertise.


No comments yet.