Inside CISA’s ‘Secure by Design’ Framework
CISA’s “secure by design” framework is helping software manufacturers bake cybersecurity into products as part of an effort to implement the National Cyber Strategy that the White House released earlier this year. Cybersecurity has traditionally been treated as an afterthought in technology. CISA wants to change that.
CISA Senior Advisor Lauren Zabierek discusses what it means to be secure by design, what the new framework outlines and what it means for vendors and the development community. You’ll hear more about the framework’s three principles:
- Take ownership of customer security outcomes.
- Embrace radical transparency and accountability.
- Lead from the top.
For more secure by design resources:
- CISA’s Secure By Design: https://www.cisa.gov/securebydesign
- Secure by Design white paper: https://www.cisa.gov/resources-tools/resources/secure-by-design
- CISA’s Case for Memory Safe Roadmaps: https://www.cisa.gov/case-memory-safe-roadmaps
-
Lauren Zabierek Senior Advisor CISA
-
Inside Oak Ridge National Lab’s Pioneer Approach to AI
Energy Department’s Oak Ridge National Lab transforms AI vulnerabilities into strategic opportunities for national defense.
22m listen -
AI Enables Coast Guard’s Workforce to Transform Operations
The Coast Guard’s Deputy CIO Brian Campo delves into the ways AI is pushing the service to rethink its core services, workforce and operations.
14m watch -
DOL Turns to Workforce Development to Maintain AI Superiority
DOL is bridging the AI skills gap through partnerships and upskilling to ensure future AI workforce readiness.
10m watch -
AWS Summit: A DOE National Lab Uses GenAI to Boost Efficiency
Lawrence Livermore National Lab launches a new generative AI tool to drive operational efficiency at the National Ignition Facility.
9m listen -
AWS Summit: Idaho National Lab’s AI Applications in Nuclear Technology
The lab is using AI and concepts like digital twins to enhance nuclear research and embed the technology in operations.
23m listen -
AWS Summit: Innovation Accelerates IT Delivery at DOD
Marine Corps Community Services is tackling outdated IT processes with agile development and cutting-edge cloud security to deliver mission-critical capabilities faster.
12m watch -
AWS Summit: NIST Secures High-Performance Computing Against Evolving Threats
NIST’s Yang Guo reveals the broad attack surface of high-performance computing and explains developing guidance and future-proofing security strategies.
9m watch -
VA Plans Future EHR Deployment on Facility Relationships
VA’s EHR program is expected to restart in 2026 and will plan deployment based on pre-existing relationships between facilities to drive interoperability.
21m watch -
Trump Overhauls Federal Cybersecurity with New Executive Order
The new directive aims to strengthen digital defenses while rolling back "burdensome" software requirements and refocusing AI security.
3m read -
AWS Summit: Forging Successful Cloud Modernization Partnerships
Industry leaders share insights on the critical role industry partnerships have in enabling government agencies to navigate procurement challenges for cloud and zero trust solutions.
24m watch Partner Content -
CISA's CVE Program and Why it Matters for Zero Trust
The vulnerability program provides the cybersecurity community visibility into software as part of a key pillar of CISA's zero trust model.
5m read -
Human-AI Collaboration is Key to Secure Government Systems
Former CIA security chief emphasizes training and international standards for effective AI implementation.
23m watch
