Design Information Security With Failure in Mind

Information security can fail in many ways, despite the best plans and intentions. That’s why we must design the security program with failure in mind. You should be able to detect suspicious activities before they escalate into major incidents. And when the data breach does occur, the security architecture should limit the incident’s scope, dampening the spread of malware or the attacker’s influence to give you time to respond.

We can learn how to account for the eventual failure of controls from the more established industries, such as boat-building. Consider the following excerpt from a stability certificate issued by the U.S. Coast Guard Marine Safety Center to a passenger boat:

The boat was tested to stay afloat even when one of its compartments is flooded. (Click on the excerpt above to see the full text.) The authorities expect the vessel to be designed with failure in mind, recognizing that even when it is built and operated perfectly, an unexpected event may cause a hull breach.

Designing an information security architecture with failure in mind involves accounting for possible issues at network, system and application levels. For instance, accomplishing this at the network level might involve deploying multiple firewalls to segment the environment into several tiers according to risk.

In the words of Denis Waitley, “expect the best, plan for the worst, and prepare to be surprised.”

Hand-picked related items:

Lenny Zeltser


About the Author

I transform ideas into successful outcomes, building on my 25 years of experience in cybersecurity. As the CISO at Axonius, I lead the security program to earn customers' trust. I'm also a Faculty Fellow at SANS Institute, where I author and deliver training for incident responders. The diversity of cybersecurity roles I've held over the years and the accumulated expertise, allow me to create practical solutions that drive business growth.

Learn more