Manifesto for Modern Cybersecurity

We believe modern cybersecurity, especially for digital companies with cloud-native operations, requires a different mindset and operating model such that:

Assume compromise, but expose no single point of compromise.
Track everything since you cannot protect what you can’t see.
Engage everyone for there is power in the crowd; two is stronger than one.
Automation is key because people don't scale and changes are constant.
Build products that are secure by design and secure by default.
Favor transparency over obscurity, practicality over process, and usability over complexity.

We must keep security simple, open, collaborative, enabling and rewarding.

* * *

Spread the word.

Join us to spread the word and influence positive changes. Together we can foster a stronger cybersecurity community.

Authors,
@erkang and @zanelackey.

Contributors,
@hemp, @mdlavin, @philidem, and @ptlamar.