Access your Pro+ Content below.
The case for cybersecurity by design in application software
This article is part of the Information Security issue of August 2020, Vol. 21, No. 3
Application security is a constant concern for both companies and users. But, although vulnerabilities put corporate and customer data at risk, cybersecurity has historically been an afterthought in software development. In the early days, even the internet didn't have much in the way of security. Thankfully, over the past few years, many companies have realized the benefits of proactively including security from a project's beginning -- making it an inherent part of a product in the design phase, instead of waiting until the final build to determine its security shortcomings. Even so, too many organizations still overlook the importance of taking a cybersecurity-by-design approach throughout the entire product lifecycle -- design, build, release, maintenance and retirement. As a result, data breaches at some of the biggest organizations in the world continue to make headlines. Business drivers like time to market and profitability usually take precedence over security, but consumers are becoming increasingly aware of the impact...
Features in this issue
Explore the winning tactics and tools CISOs and other cybersecurity leaders are employing in their programs to raise employee security awareness -- and consider how they might work for you.
As if protecting corporate systems and data wasn't hard enough, beware of another potential foe: those well-meaning but woefully uninformed staff members.
News in this issue
Security awareness is more essential than ever, but in a world of increasingly sophisticated threats, making it a reality requires more than set-it-and-forget-it training.
Columns in this issue
Cybersecurity duties have changed, with cloud and coding being essential knowledge now. But CISOs can still build their dream cybersecurity team through internal talent development.
Security must be part of IT from the start and then continue through the entire product lifecycle -- design, build, release and maintenance. Consumers now demand it.