
Your organization initiated a project to develop an E-Commerce web system. As a security professional, you have to research, implement and manage engineering processes using secure design principles. Which of the following is the first principle you are most likely to employ in terms of the SDLC?
A. Trust but verify
B. Threat modeling
C. Privacy by design
D. Shared responsibility
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is C. Privacy by design.
The European GDPR incorporates privacy by design, which calls for privacy to be taken into account throughout the whole engineering process (Wikipedia). A privacy impact analysis is even conducted in the initiation phase, before an engineering project is started, as shown in the NIST SDLC.

Threat Modeling
Threat modeling can be viewed as specialized risk management in the context of systems engineering. Because there are many threat modeling practices and methodologies, people implement it in diverse and inconsistent ways. Some argue it should be conducted throughout the whole engineering process, while most do it in the design phase.
Trust But Verify
“Trust but verify” is a translated Russian proverb that became well known because President Ronald Reagan used it at the signing of the INF Treaty on 8 December 1987. It is not well defined in the context of cybersecurity. Some treat it the same as “Zero Trust,” but others don’t. Some think it’s not enough today and that it should be replaced by “verify, verify, verify” or “Zero Trust.” IMO, trust but verify is the same as zero trust.
Shared Responsibility
Shared responsibility is a model used in cloud computing that defines the responsibility boundary between the cloud customer and the cloud service provider.

Reference
- Privacy by design
- Threat model
- Trust, but verify
- IS Audit Basics: Trust, but Verify
- Trust But Verify: The Production of Information in Arms Control Treaties and Other International Agreements
- Trust, but Verify…Secure Remote Monitoring for Your Data Center
- 3 Cybersecurity Companies That Don’t Trust “Trust but Verify”
- “Trust, but Verify…”
- Zero Trust Network Security – trust but verify!
- Not so much “Zero Trust” as “Trust, but Verify”
- When “Trust but Verify” Isn’t Enough: Life in a Zero Trust World
- Trust but Verify: Why Cybersecurity Is Important for Construction Contractors
- Shared Responsibility Model Explained
- Shared Responsibility Model
- Shared responsibility in the cloud
- KISS principle
Your organization has launched a project to develop an e-commerce web system. As a security professional, you must use secure design principles to research, implement and manage engineering processes. From the perspective of the system development life cycle, which of the following principles are you most likely to adopt first?
A. Trust but verify
B. Threat modeling
C. Privacy by design
D. Shared responsibility