US CISA will release secure-by-design principles

The Cybersecurity and Infrastructure Security Agency plans to release its secure-by-design principles this week to encourage the adoption of safe coding practices, which are a core part of the Biden administration’s recently released national cybersecurity strategy.

 Book, Publication, Accessories, Text

The Director of the Cybersecurity and Infrastructure Security Agency (CISA), Jen Easterly, has announced the agency’s plans to release principles promoting safe coding practices. These principles are a crucial aspect of the recently released national cybersecurity strategy announced by the Biden administration.

Easterly emphasised that the document is not intended to be the ultimate guide to secure design but rather a vital step in shifting the responsibility of cybersecurity from individual users and small businesses to software companies. Easterly repeated those principles for software vendors: taking ownership of security outcomes for their customers, providing ‘radical transparency’ to their customers, and improving design quality in products by focusing on building safe products. ‘It’s incredibly important that we now focus on ensuring that the software that powers our lives is secure by design and secure by default,’ she said during the CrowdStrike Government Summit in Washington on Tuesday, 11 April.