Cybersecurity principles of IT focus on a set of practices intended to keep a corporate infrastructure secure. These practices include, but are not limited to, system, data, internal, external, and physical security. The principles are designed to prevent unauthorized access to, or alteration of, a corporate environment. Understanding how the cybersecurity principles are defined makes it possible to use them to develop a comprehensive, corporate-specific security policy.
Using the format of your choice, create a chart that defines the principles of cybersecurity listed below:
- Separation (of domains/duties)
- Isolation
- Encapsulation
- Modularity
- Simplicity of Design (economy of mechanism)
- Minimization of Implementation (least common mechanism)
- Open Design
- Complete Mediation
- Layering (defense in depth)
- Least Privilege
- Fail-Safe Defaults (open/secure)
- Least Astonishment (psychological acceptability)
- Minimize Trust Surface (reluctance to trust)
- Usability
- Trust Relationships
For each of the principles listed, include the following:
- Definition of the cybersecurity principle (1-2 sentences written in your own words).
- Description of why each principle is important to security and how it enables the development of security mechanisms to implement desired security policies.
- Include an in-text citation for each principle listed.