Capability Driven Development (CDD) is a capability-based method for developing context-aware and adaptive systems. This paper proposes to extend CDD to address security and resilience concerns in organizational networks. A method extension defining modeling concepts and development procedure is elaborated. It includes development of a data-driven digital twin, which represents the security and resilience concerns of the network and is used to diagnose security incidents and to formulate a resilient response to these incidents. Application of the proposed method extension is illustrated using examples of secure computer network governance and secure supplier onboarding.