Inside CISA’s ‘Secure by Design’ Framework
CISA’s “secure by design” framework is helping software manufacturers bake cybersecurity into products as part of an effort to implement the National Cyber Strategy that the White House released earlier this year. Cybersecurity has traditionally been treated as an afterthought in technology. CISA wants to change that.
CISA Senior Advisor Lauren Zabierek discusses what it means to be secure by design, what the new framework outlines and what it means for vendors and the development community. You’ll hear more about the framework’s three principles:
- Take ownership of customer security outcomes.
- Embrace radical transparency and accountability.
- Lead from the top.
For more secure by design resources:
- CISA’s Secure By Design: https://www.cisa.gov/securebydesign
- Secure by Design white paper: https://www.cisa.gov/resources-tools/resources/secure-by-design
- CISA’s Case for Memory Safe Roadmaps: https://www.cisa.gov/case-memory-safe-roadmaps
Lauren Zabierek, Senior Advisor, CISA
