An initiative that encourages vendors of security and technology products to take accountability for building them in a more secure manner.
Many technology products are introduced to the market even though they may have missing pieces or flaws that can be exploited by hackers. This places the burden on companies and consumers to dedicate additional resources to addressing these flaws and to bear the risk of them being exploited. In more mature industries, the inclusion of security and safety principles in the design process has grown over time as manufacturers have realized that building more reliable products results in higher consumer satisfaction and less pushback from regulators.
To encourage this maturation, CISA has come up with a voluntary program for software vendors called Secure by Design. Products designed with Secure by Design principles prioritize the security of customers as a core business requirement, rather than merely treating it as a technical feature. During the design phase of a product’s development lifecycle, companies should implement Secure by Design principles to significantly decrease the number of exploitable flaws before introducing the product to the market for widespread use or consumption. Out of the box, products should be secure, with additional security features such as multi-factor authentication (MFA), logging, and single sign-on (SSO) available at no extra cost.
In this webinar you’ll learn:
• What Secure by Design is and why it is important
• How Secure by Design principles keep you safer
• What customers and manufacturers can do now
Presenter:
William J. Hicks
William J. Hicks is CISA Region 9’s Cyber Outreach Support Specialist located in Oakland, CA. William holds a CompTIA Security+ certification and graduated from the Federal Cyber Defense Skilling Academy (FCDSA). William has a background in Protective Security and Risk Management and has earned a Certified Protection Professional (CPP) from ASIS. Currently, William is studying for a second bachelor’s in computer science with a focus on Secure Software Development.