{"id":3494,"date":"2024-05-09T06:32:08","date_gmt":"2024-05-09T11:32:08","guid":{"rendered":"https:\/\/www.darkreading.com\/endpoint-security\/tech-companies-promise-secure-by-design-products"},"modified":"2024-05-09T06:32:08","modified_gmt":"2024-05-09T11:32:08","slug":"tech-companies-promise-secure-by-design-products","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/05\/09\/tech-companies-promise-secure-by-design-products\/","title":{"rendered":"Tech Companies Promise ‘Secure by Design’ Products"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

RSA CONFERENCE 2023 \u2013 San Francisco \u2013 <\/span><\/span>More than 60 vendors have signed the <\/span>Secure by Design pledge<\/a><\/span> \u2014 a commitment to develop secure products spearheaded by the Cybersecurity and Infrastructure Security Agency (CISA).<\/span><\/p>\n

CISA <\/span>defines “secure by design”<\/a><\/span> products as “those where the security of the customers is a core business requirement, not just a technical feature.” Companies that adopt these principles are promising to consider security during the design phase and throughout the product life cycle to <\/span>create more resilient products<\/a><\/span>.<\/span><\/p>\n

Instead of putting the onus of security on individuals and small businesses, the goal is to put the responsibility on the manufacturers that are making the products. The voluntary pledge focuses on enterprise software products and services, including cloud services, software-as-a-service, and on-premises software.<\/span><\/p>\n

“There is a real urgency that everybody in this room not only feels but is highly aware of, and it is all about developing new and retrofitting older technologies and software with security as a core consideration,” said CISA Director Jen Easterly at the RSA Conference in San Francisco this week.<\/span><\/p>\n

Signatories to the pledge are asked to consider seven core goals and demonstrate their progress toward meeting those goals within one year. How they demonstrate progress, and the order they address the goals, is up to the individual companies, and there are no penalties for falling short. The goals are:<\/span><\/p>\n

\n