CISA Live! Presents Secure by Design
HTML-код
- Опубликовано: 26 сен 2024
- 0It’s been one year since we launched the Secure by Design initiative with our domestic and international partners! We’ve been busy turning principles into progress, creating a Secure by Design Alert series, publishing blogs and starting to reframe the cybersecurity conversation to focus more on software manufacturers and less on bad cyber actors.
There’s still a long way to go, but we’re off to a great start and we are proud to share some of the progress we’ve made toward moving to a world that’s secure by design: go.dhs.gov/JyD #SecurebyDesign
00:00 Intro
01:05 What is Secure By Design?
02:50 Secure By Design Principle 1
05:21 Secure By Design Principle 2
08:00 Secure By Design Principle 3
10:01 Myth or Fact: Customers aren't patching enough/don't have enough defenders
16:43 Myth or Fact: Principle 1 puts the burden on the manufacturer
21:04 Myth or Fact: Secure By Design software will cost more
27:38 The manufacturer has limited consequences when bad code is released, how can this be changed?
30:48 How can orgs who don't design software help push vendors to be Secure by Design?
31:51 Myth or Fact: Does Bob use broader terms intentionally?
34:39 Myth or Fact: CISA seems focused on classes of vulnerability
39:16 Myth or Fact: We will never be 100% secure
41:47 Myth or Fact: You are depressing and don't have anything positive to say
44:05 Credits