PRO+ Premium Content/Information Security
Access your Pro+ Content below.
The case for cybersecurity by design in application software
This article is part of the Information Security issue of August 2020, Vol. 21, No. 3
Application security is a constant concern for both companies and users. But, although vulnerabilities put corporate and customer data at risk, cybersecurity has historically been an afterthought in software development. In the early days, even the internet didn't have much in the way of security. Thankfully, over the past few years, many companies have realized the benefits of proactively including security from a project's beginning -- making it an inherent part of a product in the design phase, instead of waiting until the final build to determine its security shortcomings. Even so, too many organizations still overlook the importance of taking a cybersecurity-by-design approach throughout the entire product lifecycle -- design, build, release, maintenance and retirement. As a result, data breaches at some of the biggest organizations in the world continue to make headlines. Business drivers like time to market and profitability usually take precedence over security, but consumers are becoming increasingly aware of the impact...
Features in this issue
-
10 tips for cybersecurity awareness programs in uncertain times
Explore the winning tactics and tools CISOs and other cybersecurity leaders are employing in their programs to raise employee security awareness -- and consider how they might work for you.
-
7 security awareness statistics to keep you up at night
As if protecting corporate systems and data wasn't hard enough, beware of another potential foe: those well-meaning but woefully uninformed staff members.
News in this issue
-
Importance of cybersecurity awareness never greater
Security awareness is more essential than ever, but in a world of increasingly sophisticated threats, making it a reality requires more than set-it-and-forget-it training.
Columns in this issue
-
Develop internal cybersecurity talent to build your dream team
Cybersecurity duties have changed, with cloud and coding being essential knowledge now. But CISOs can still build their dream cybersecurity team through internal talent development.
-
The case for cybersecurity by design in application software
Security must be part of IT from the start and then continue through the entire product lifecycle -- design, build, release and maintenance. Consumers now demand it.