Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam
First published: 10 Feb 2025
Last updated: 23 Oct 2025

Content written for

Small & medium business
Large organisations & infrastructure
Government

Modern defensible architecture explained

In collaboration with our international partners, the Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has released a new publication series on modern defensible architecture (MDA). This series provides practical guidance to help organisations plan, invest in and implement MDA effectively.

Organisations can use this series to:

  • Understand the core principles of MDA
  • Align architectural design with business and security objectives
  • Develop a clear roadmap for investment and implementation

MDA focuses on

  1. Layered architecture and traceability of architectural designs to business and security objectives
  2. zero trust principles of “never trust, always verify”, “assume breach” and “verify explicitly”, implemented through zero trust architecture
  3. secure-by-design practices that institute a security mindset within organisations when it comes to procuring or developing software products and services.

Why you should adopt modern defensible architecture

Designing and implementing MDA takes time, resources, and investment. However, adopting MDA delivers significant long-term benefits, including:

  • Improved organisational resilience against evolving cyber threats
  • Continuous and secure delivery of business services
  • Empowered users who can work securely from any location
  • Greater visibility and assurance of compliance with security policies.

MDA provides a clear framework to plan and invest in technologies that strengthen your organisation’s cyber defences.

Featured publications

Foundations for modern defensible architecture

This publication outlines the organisational goals and capabilities that support efficient adoption of zero trust technologies and architecture. Originally released for consultation in February 2025, the MDA Foundations have been updated with additional clarity, technical detail and threat context.

Modern defensible architecture for senior decision-makers

This publication supports senior leaders to understand the current threat landscape and how MDA can help defend against contemporary and emerging cyber threats.

Investing in modern defensible architecture

This publication guides organisations through developing an MDA investment roadmap, tailored to business strategy, risk profile, and threat context.

Feedback

Encouraging and enabling manufacturers and consumers to uplift their security via a secure-by-design approach is a core priority for the Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC). Modern defensible architecture is an ongoing work stream empowered through engagement, the release of enabling tools and guidance, and the uplift of better-practice security standards across the Australian digital landscape.

If you would like to share your ideas or provide feedback, please get in touch.

Was this helpful?
Yes this was helpful
No this was not helpful

Thanks for your feedback!

We welcome additional feedback below.

Rate this product’s level of technical advice:
Rate this product’s usefulness:
Rate the product’s quality of analysis:
Rate the product’s timeliness: