In episode 107 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Steve Lipner, Executive Director of SAFECode. Together, they discuss how software development organizations can use principles of "secure by design" to get on a track of continuous improvement.

Here are some highlights from our episode:

• 01:38. Steve's background and thoughts on the emergence of secure by design
• 14:04. Three guiding principles of secure software development
• 16:13. The impact of security awareness from a developer's perspective
• 22:22. How threat modeling helps to address security as a system problem
• 25:37. The effect of modern software development methodologies like Agile and DevSecOps
• 30:29. What CISA's activity around secure by design means for the industry

Resources

• SAFECode
• Secure Software Development Framework (SSDF)
• Embedded IoT Security: Helping Vendors in the Design Process
• Episode 95: AI Augmentation and Its Impact on Cyber Defense

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].