What it Means to Be Secure by Design and Secure by Default
Every technology provider must take ownership at the executive level to ensure their products are both secure by design and secure by default.
What is Secure by Design?
Secure by Design products are those where the security of the customers is a core business requirement, not just a technical feature. Secure by Design principles should be implemented during the design phase of a product’s development lifecycle to dramatically reduce the number of exploitable flaws before they are introduced to the market for broad use or consumption.
What is Secure by Default?
Secure by Default products are those that are secure to use out of the box, with little to no configuration changes and are available at no additional cost, such as multi-factor authentication (MFA), gather and log evidence of potential intrusions, and control access to sensitive information.
This first-of-its-kind joint guidance urges manufacturers to take urgent steps necessary to ship products that are secure-by-design and -default. In addition to specific technical recommendations, this guidance outlines several core principles to guide software manufacturers in building software security into their design processes prior to developing, configuring, and shipping their products.
Many private sector partners have made invaluable contributions toward advancing security-by-design and security-by-default. With this joint guide, the authoring agencies seek to progress an international conversation about key priorities, investments, and decisions necessary to achieve a future where technology is safe, secure, and resilient by design and default.
If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:
By email:
secretary@iisf.ie
By post:
David Cahill
Information Security
GPO, 1-117
D01 F5P2
Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland
Invitations for Annual Sponsorship of IISF has now reopened.
Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more