ClickCease Cybersecurity officials implores firms to adopt “secure by design”

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

U.S. cybersecurity officials implores firms to adopt “secure by design”

by

May 11, 2023 - TuxCare PR Team

U.S. cybersecurity authorities have met with tech leaders and industry groups to advocate for the use of “secure by design” concepts in commercial software. The Cybersecurity and Infrastructure Agency (CISA) and the Department of Energy (DOE) are spearheading the effort to spread these concepts across several industries.

The objective is to limit the amount of vulnerabilities in commercial software and move the cost of cybersecurity maintenance away from customers and onto technology firms. It also intends to keep small and medium-sized organizations, schools, water utilities, and hospitals from having to manage cybersecurity risks on their own if they become victims of ransomware or other assaults.

The CISA’s activities are supplemented by the Department of Energy’s Cyber Informed Engineering Program, which assists industrial enterprises in implementing secure by design principles in their operational technology. The DOE’s Cyber Informed Engineering Program supplements the mission by assisting industrial firms in implementing secure by design solutions in their operational technologies.

The initiative was primarily created for the energy industry and was unveiled last year after Congress approved a strategy to lessen the danger of cyberattacks on physical plants. It has, however, now been broadened to incorporate additional physically designed systems such as structures, space systems, and weapons platforms.

CISA recently organized two listening sessions, one with business partners and one with the open-source community, to examine the concepts contained in the agency’s white paper. Eric Goldstein, CISA’s executive assistant director for cybersecurity, argued in one of them that those who can shoulder the responsibility should be held accountable for delivering secure services by design by default.

According to Cherri Caddy, deputy assistant national cyber director at the Office of the National Cyber Director, the efforts are linked as the United States works toward a future of interconnected infrastructure. She underlined the importance of shifting responsibility for software and system security from end users to manufacturers.

The sources for this piece include an article in CyberScoop.

Summary
Cybersecurity officials implores firms to adopt “secure by design”
Article Name
Cybersecurity officials implores firms to adopt “secure by design”
Description
U.S. cybersecurity authorities have met with tech leaders and industry groups to advocate for the use of "secure by design" concepts.
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Become a TuxCare Guest Writer

Mail

Help Us Understand
the Linux Landscape!

Complete our survey on the state of Open Source and you could win one of several prizes, with the top prize valued at $500!

Your expertise is needed to shape the future of Enterprise Linux!