NACD (National Association of Corporate Directors)’s Post

Security considerations should be an integral part of software’s design, not an afterthought. Find out how Cloudflare adheres to CISA’s Secure by Design principles to shift the industry. #SecurityWeek #SecureByDesign

🧠A Great Take!🧠 This is an insightful article by Sarah Fluchs, the CTO of admeritia, where she discusses the latest document from the CISA on the topic of "Secure by Design," highlighting the involvement of various security authorities globally. 💬 The article emphasizes not only technical aspects but also the need for manufacturers to communicate specific details to the public, such as high-level threat models, secure software development lifecycle commitments, software bill of materials, and more. Sarah also suggests that transparency is crucial for realistic expectations about a product's security, defining security by design as a communication problem. 💲 The article continues on to address the complex question of who should bear the cost of security by design: CISA asserts that manufacturers should absorb the costs and not charge customers extra for security configurations. However, Sarah expresses skepticism, noting that manufacturers may not integrate features without customer demand or regulatory pressure. She concludes by acknowledging that while the CISA document provides clear answers, the real challenge lies in the ongoing discussions about communication and financing in the realm of security by design. While these concepts may be easy to discuss in a vacuum, the complexity of collaboration among multiple stakeholders leaves more questions than answers. Thankfully, bright minds such as this are opening the door to conversation so that we can security in compromise and discourse. 📣 After you've read through the article, share your thoughts in the comments about the topics discussed, and tag a friend to keep the conversation going! #securityengineering #cie #CISA #securebydesign

Cybersecurity and Infrastructure Security Agency continues their technical leadership with this approach! “When we see a vulnerability or intrusion campaign that could have been reasonably avoided if the software manufacturer had aligned to secure by design principles, we’ll call it out.” Hopefully Big Tech will begin to prioritize modern secure coding principles. #SSDLC

Here's a blog I wrote for Fortinet about the importance of Secure by Design for both producers and consumers of enterprise IT.

*2024: The Year of #Secure #Design* The future is security built right into the design of systems themselves, rather than added after the fact https://lnkd.in/dCWynfWH

When we think of data breaches, we usually recall attacks on large government agencies and huge, multinationals. But in reality, small- and medium-size businesses face the majority of cyber attacks. If this concerns you, download this insightful HP Wolf Security solution brief showing how Wolf Pro Security has solutions designed to protect your organization.

If there's one thing you shouldn't skip, it's an effective security solution! 🔐 Protect your organization more effectively and efficiently with #Cisco Security Suites—end-to-end solutions that increase your protection while reducing the burden of protecting yourself. #IMUKCiscoSocials23 Jennifer Miah Katie Hughes Find out more on #IMflyHigher today:

With the feedback we received in mind, we explored additional tactics to help software manufacturers build more secure products and help customers seek products that are #SecureByDesign Learn more from CISA’s Lauren Zabierek in this interview with WashingtonExec: https://lnkd.in/eqrX5UZ5 Learn more about being Secure by Design: cisa.gov/SecurebyDesign

https://lnkd.in/dYhGEqNX Assessing the technological needs of clients, designing customized solutions, implement the necessary systems. #Cybersecurity #Network #informationSecurity #HardwareImplementation #SoftwareDevelopment