DevSecOps, Vulnerability Management

US, others push for new software design with reduced consumer cyber burden

ABC News reports that software manufacturers have been urged by the U.S.'s Cybersecurity and Infrastructure Security Agency, National Security Agency, and FBI, as well as other international law enforcement agencies to overhaul their software and development programs to ensure the delivery of consumer products adhering to Secure-by-Design and -Default principles in a bid to reduce customers' cybersecurity burden. "Products that are Secure-by-Design are those where the security of the customers is a core business goal, not just a technical feature. Secure-by-Design products start with that goal before development starts. Secure-by-Default products are those that are secure to use "out of the box" with little to no configuration changes necessary and security features available without additional cost," said the alert. The alert noted that software firms should be willing to share information that could foster customer system security with other vendors, as well as establish leadership tasked with adopting the Secure-by-Design and Secure-by-Default principles.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds