By Yogita Parulekar
Security leaders are moving as fast as their budgets and practical organizational considerations allow them to embrace security principles like “secure-by-design”, “zero trust,” and “defense in depth” to strengthen cybersecurity and resilience.
Yogesh Badwe, CSO at Druva, notes that proactive security, including the Secure-by-Design principle, is now top of mind among CSOs, CISOs, CIOs, and BODs. This momentum is driven by best practices, and also by government initiatives such as the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) push to embed security into systems from the start.
Secure-by-design is exactly what it sounds like: incorporating security from the ground up across IT deployments. It’s fundamentally different from shift left, which moves security checks earlier in the lifecycle but still allows vulnerabilities to be introduced. Secure-by-design aims to eliminate them before they exist.
Three Principles CSOs, CISOs, and CIOs Should Know
Yogesh urges security leaders to think about secure-by-design in the broader context of two other complementary principles:
- Secure-by-Default means that systems and services ship with security features enabled out of the box. Users or developers must actively disable protections if they choose to accept inherent risks in doing so. AWS’s decision to make new S3 buckets private by default is a widely cited example of Secure-by-Default.
- Secure-in-Failure means that layered defenses help ensure that if one control fails, other compensating controls can prevent a breach. This is the advanced evolution of the “defense in depth” model.
- Secure-by-Design means that the architecture itself prevents insecure states from arising. In practical terms, this can mean eliminating insecure options entirely.
Most enterprise environments are an intricate mesh of on-premises systems, public cloud resources, and third-party dependencies and services. Hybrid and multi-cloud deployments further multiply the IT infrastructure’s configuration complexity.
The upshot is that security teams are drowning in alerts about new vulnerabilities, configuration errors, and supply chain risks. In most cases, the reality is that there simply aren’t enough people or hours in the day to patch everything fast enough to address all of these warnings.
Most security processes still depend on human judgment and the hope that the organization’s developers, infrastructure teams, and business units are making the “right” choices.
Real World Examples
The adoption of secure-by-design principles minimizes that dependency. By removing insecure options entirely, it ensures that even well-intentioned but overworked teams can’t inadvertently create exploitable conditions or misconfigurations that threat actors might chain together for a successful breach.
For example, at the application layer, Salesforce’s Force.com platform employs a proprietary query language, SOQL, which is intentionally designed to make SQL injection exploits impossible. Parameterized queries are enforced automatically, preventing developers from creating unsafe queries altogether.
Another example, at the infrastructure layer, is the use of golden images. These are virtual machines, virtual desktops, servers or hard disk drives with minimal operating system builds that contain only the packages needed to run required software. Fewer packages mean fewer vulnerabilities and less patching overhead downstream.
In both cases, security protections are invisible to the end user or developer. Users simply can’t make certain classes of mistakes.
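A minimal illustration of the design difference the Force.com example describes, written as an added example (not Salesforce code or SOQL; it uses Python's sqlite3 module and a constructed demo table): the first function leaves the string-building path available, so a reviewer or scanner has to catch the misuse later (shift-left), while the repository class exposes only fixed, parameterized templates, so assembling SQL from user input is structurally unavailable (secure-by-design).

```python
import sqlite3

# Constructed demo schema and rows; not from the article.
SCHEMA = "CREATE TABLE accounts(id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
ROWS = [(1, "alice", "alice@example.test"), (2, "bob", "bob@example.test")]


def setup():
    """Build an in-memory database with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?)", ROWS)
    return conn


def find_by_name_concat(conn, name):
    """Shift-left style: the unsafe option still exists in the code base.
    A later review, scanner or test has to notice that `name` is spliced
    into the statement text; nothing in the design prevents it."""
    return conn.execute(f"SELECT id FROM accounts WHERE name = '{name}'").fetchall()


class SafeRepository:
    """Secure-by-design style: the only query path takes a template name and
    bound parameters. The template table is the entire SQL surface, so a
    caller never gets to hand raw SQL text to the database."""

    _QUERIES = {
        "by_name": "SELECT id FROM accounts WHERE name = ?",
        "by_email": "SELECT id FROM accounts WHERE email = ?",
    }

    def __init__(self, conn):
        self._conn = conn

    def query(self, template_name, *params):
        sql = self._QUERIES.get(template_name)
        if sql is None:
            # Unknown template names are refused outright; there is no
            # fallback that accepts free-form SQL.
            raise ValueError(f"no such query template: {template_name!r}")
        return self._conn.execute(sql, params).fetchall()


TAUTOLOGY = "x' OR '1'='1"  # constructed input that breaks out of the literal


def demo():
    """Return (rows leaked by the concat path, rows returned by the safe path)."""
    conn = setup()
    leaked = find_by_name_concat(conn, TAUTOLOGY)       # every account row
    safe = SafeRepository(conn).query("by_name", TAUTOLOGY)  # treated as a name
    return len(leaked), len(safe)


if __name__ == "__main__":
    print(demo())
```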
A Culture Shift is Table Stakes
Moving to secure-by-design isn’t just a technical challenge; it’s a cultural one. Development and infrastructure teams are used to a high degree of flexibility and some autonomy. Removing certain choices might be perceived as removing that autonomy.
Security leaders need to build and articulate a business case that highlights the long-term ROI of the culture shift that’s foundational to adopting secure-by-design. A key point to make in driving home that business case is that retrofitting fixes after the fact (the “security tax”) is often far more expensive than building out the infrastructure right the first time.
The conversation changes when stakeholders see that secure-by-design aligns security goals with performance, availability, resilience, and reduced reputational risks – and is the norm in mature engineering disciplines such as aerospace and civil construction. You can’t bolt on safety to an airplane after it’s in the air, and you don’t pour a foundation without following structural codes. Information systems and networks, in cloud or on-prem, should be no different.
In short: IT culture needs to mature.
Greenfield vs. Greyfield
- Greenfield projects offer a clean slate to embed secure-by-design from the outset.
- Greyfield environments require careful retrofitting into complex, existing systems, which is inevitably much more resource-intensive.
In both cases, it is important to measure success with clear KPIs, such as a reduction in classes of vulnerabilities, to gain and maintain the support of executives and boards.
The Bottom Line
Secure-by-design offers a path to reducing risk at scale by eliminating insecure states before they exist, or in the case of greyfields, before they’re exploited.
It complements secure-by-default and secure-in-failure principles, and creates a multi-layered approach that acknowledges the realities of complex modern environments.
CSOs, CIOs and CISOs must champion secure-by-design not as another security “ask,” but as an architectural principle that delivers long-term savings, resilience, and trust – all of which will be increasingly scarce in the era of AI-driven threats.
The sooner that secure-by-design principles and practices are embedded into organizational culture, the sooner security becomes an innovation enabler rather than a bottleneck.
A culture shift is possible only when security is not bolted on as an extra checkpoint, because such a checkpoint is seen as a friction point. Security must instead be embedded in the existing system design, development, and deployment phases.
Recent innovations can make the adoption of secure choices easy and frictionless as a foundational part of systems and network designs and deployment, saving time, money, and the headaches of retrofitting for mistakes during inspections, audits, and assessments.
Incorporating secure by design resources, such as the Intelligent Cloud, turns what was considered a security tax into a true security dividend. It generates trust, enables business growth, and by accelerating AI and non-AI cloud provisioning with secure-by-design hyperautomation, it supports ongoing innovation.
About the author:
Yogita Parulekar, CEO of Invi Grid, has more than two decades of experience in technology risk and cybersecurity. She has been head of security & IT, and a cybersecurity leader at an AI, a healthtech, and a fraud risk tech company, as well as Oracle and EY. She is a recognized thought leader and keynote speaker in the security governance space, and an evangelist for security and privacy-by-design principles that ensure systems are built in a way that wins the trust and confidence of their potential customers.
Follow Brilliance Security Magazine on LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information. BSM is cited as one of Feedspot’s top 10 cybersecurity magazines.



