Secure by Design is a cross-government initiative that sets out what we need to do to incorporate effective cyber security practices into our digital delivery.
It is mandatory for government departments and arm's length bodies (ALBs).
The aim of Secure by Design is to increase our cyber resilience and improve how we share data with other organisations. To do this we need to ensure cyber security is built into our systems and services from the start. The benefits of this are:
- we'll be less likely to suffer cyber attacks
- we'll be able to detect attacks earlier and respond more effectively, reducing the impact to the services we provide to the education sector
This approach provides:
- risk-driven activities for building appropriate and proportionate cyber security controls within digital services
- clarity on roles and responsibilities to manage security risks and improve security culture
- practical guidance and tools to achieve the Cyber Assessment Framework (CAF) outcomes as part of GovAssure
Read the Secure by Design policy and principles to find out more.