Collaborate Disseminate
Why has the White House remained silent on the launch of a product that violates the spirit and letter of its flagship cybersecurity initiatives?
The post Microsoft’s Recall puts the Biden administration’s cyber credibility on the line appeared first on CyberScoop.
Continue reading Microsoft’s Recall puts the Biden administration’s cyber credibility on the line
Eric Goldstein spoke with CyberScoop about where the Cybersecurity and Infrastructure Security Agency has made progress, lessons learned and what’s next.
The post Departing top CISA official reflects on nearly four years in the cyber hot seat appeared first on CyberScoop.
Continue reading Departing top CISA official reflects on nearly four years in the cyber hot seat
Goldstein has served as the executive assistant director for cybersecurity and worked on a number of key priorities for the agency.
The post Top CISA official Eric Goldstein to depart agency next month appeared first on CyberScoop.
Continue reading Top CISA official Eric Goldstein to depart agency next month
The commitments are voluntary, but CISA officials said they are committed to measuring progress by the signatories across key commitments over the next year.
The post Dozens of tech companies pledge to build safer, more secure tech appeared first on CyberScoop.
Continue reading Dozens of tech companies pledge to build safer, more secure tech
The agency’s request for information on its software security white paper “acknowledges that security by design is not easy,” and that additional comments from manufacturers and other interested parties are needed.
The post CISA seeking comments on its ‘secure by design’ guidance appeared first on CyberScoop.
Continue reading CISA seeking comments on its ‘secure by design’ guidance
Executive assistant director for cybersecurity says the current model “does not account for the capability and the acceleration of the adversaries who we’re up against.”
The post CISA’s Goldstein wants to ditch ‘patch faster, fix faster’ model appeared first on CyberScoop.
Continue reading CISA’s Goldstein wants to ditch ‘patch faster, fix faster’ model
First, there was a strategy. Now, there’s a plan. The Biden Administration recently released its plan for implementing the highly anticipated national cybersecurity strategy published in March. The new National Cybersecurity Strategy Implementation Plan (NCSIP) lays out specific deadlines and responsibilities for the White House’s vision for cybersecurity. The plan is being managed by the […]
The post Cyber experts applaud the new White House cybersecurity plan appeared first on Security Intelligence.
Continue reading Cyber experts applaud the new White House cybersecurity plan
For years, developers and IT security teams have been at loggerheads. While developers feel security slows progress, security teams assert that developers sacrifice security priorities in their quest to accelerate production. This disconnect results in flawed software that is vulnerable to attack. While advocates for speed and security clash, consumers must often pay the price […]
The post Secure-by-Design: Which Comes First, Code or Security? appeared first on Security Intelligence.
Continue reading Secure-by-Design: Which Comes First, Code or Security?
The traditional approach to security has been to get the product to market fast and worry about security later. Unfortunately, that approach has never really worked. It puts too much of the cybersecurity responsibilities on the customer and leaves many vulnerabilities primed for exploitation at any point in the supply chain. As cyber threats become […]
The post Secure-by-Design: A 2023 Cybersecurity Prime appeared first on Security Intelligence.
Continue reading Secure-by-Design: A 2023 Cybersecurity Prime
In this talk (embedded below), brothers Glenn ten Cate and Riccardo ten Cate identify issues in current secure coding practices. They show how to use the Open Web Application Security Project’s security knowledge framework to build apps that… Continue reading OWASP Security Knowledge Framework