After joining the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design Pledge in May, Google released its strategy on Tuesday for how it’s meeting the pledge’s seven security goals.   […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI released draft guidance on product security bad practices last week, highlighting practices that are deemed “exceptionally risky” and providing recommendations for software manufacturers to mitigate these risks.  […]

A total of 68 tech firms have signed onto the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design pledge under which they will use best efforts over the next year to build better security into their products. […]

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said her agency is due to reveal later on Wednesday at the RSA Conference in San Francisco that 60 tech companies will be signing onto a voluntary secure-by-design pledge to make their technology products more secure against ransomware and other forms of cyberattacks. […]

As the Cybersecurity and Infrastructure Security Agency (CISA) celebrates the one-year anniversary of its Secure by Design initiative, the agency is looking to elevate the effort in public conversation and have customers make more demands of software vendors. […]

The head of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the Federal government has a “powerful” ability to mandate security standards for software vendors through its procurement process. […]

The former policy lead for the Department of Defense (DoD) under President Barack Obama said Tuesday that while the Biden administration’s National Cybersecurity Strategy (NCS) calls for secure-by-design technology principles, the White House doesn’t actually have the authority to regulate that. […]

The White House Office of the National Cyber Director (ONCD) released a report today calling on the technical community to proactively reduce the attack surface in cyberspace by adopting memory safe programming languages and developing better cyber diagnostics. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and 17 international partners rolled out the first new batch of updates to its “secure-by-design” guidance document Monday. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to change the technology ecosystem through its secure-by-design and -default guidelines, and CISA officials explained the agency’s plan to foster this ecosystem at the Black Hat USA Conference in Las Vegas last week. […]

The Cybersecurity and Infrastructure Security Agency (CISA) published its secure-by-design and -default guidance today, which CISA Director Jen Easterly said is all about driving down cyber vulnerabilities to near zero. […]