In this presentation that took place on August 26, 2025, the presenter was Giovanni Williams, Cybersecurity Advisor for Cybersecurity & Infrastructure Security Agency (CISA). The topic is part of CyberHawaii/CISA Fortify Cybersecurity Education Series.

Explanation: Secure by Demand is supported by Secure by Design and Default.
Goal: Bake in security so it’s ready when demanded, not added later.

Objectives:

• Define Secure by Design, Default, Demand
• Explore lifecycle practices
• Learn top secure defaults
• Discuss adoption and governance

Importance of Human Elements of Cybersecurity
• Technology Alone Cannot Secure Organizations, as Human behavior plays a critical Role.
• Attackers Often Exploit Human Vulnerabilities rather than Technical Flaws
• Understanding and Mitigating Human Risk Can Significantly Reduce Security Incidents

Introduction To Identity and Access Management
Definition: Identity and Access and management is the framework of policies, processes, and technologies that ensure the right individuals have the appropriate access to technology resources.

Why it matters:
• Protect Sensitive Data
• Ensure Compliance (HIPPA, GDPR, FISMA, CMMC)
• Reduce the risk of security breaches
• Support Zero Trust Model ( User and Devices should not be trusted by
default)

Many technology products are introduced to the market even though they may have missing pieces or flaws that can be exploited by hackers.  This places the burden on companies and consumers to dedicate additional resources for addressing these flaws and to subsequently bear the risk of them being exploited.  In more mature industries, the inclusion of security and safety principles in the design process has grown over time as manufacturers have realized that building more reliable products results in higher consumer satisfaction and less push back from regulators.

Many technology products are introduced to the market even though they may have missing pieces or flaws that can be exploited by hackers.  This places the burden on companies and consumers to dedicate additional resources for addressing these flaws and to subsequently bear the risk of them being exploited.  In more mature industries, the inclusion of security and safety principles in the design process has grown over time as manufacturers have realized that building more reliable products results in higher consumer satisfaction and less push back from regulators.