Cybersecurity Architecture: Five Principles to Follow (and One to Avoid)


  1. Defense in Depth: e.g. MFA -> VPN -> Password
  2. Least Privilege: grant only the privileges required
  3. Separation of Duties: one task is split across two or more actors
  4. Secure by Design: build security in from start to end
  5. KISS: complexity in a security system makes it insecure
  1. NOT Security by Obscurity: Kerckhoffs's principle, e.g. the AES and RSA encryption algorithms

Summary: great for making security decisions