One Year Later: CISA’s Secure by Design Initiative


            By Joel Krooswyk, Federal CTO, GitLab Inc.



            In April 2023, the Cybersecurity and Infrastructure Security Agency (CISA) unveiled the Secure by Design
            initiative, setting a new standard  for security across the industry. The initiative urges vendors to create
            secure software before it goes to market, relieving end-users of the responsibility for product security.

            CISA's  Secure  by  Design  initiative  reflects  the  federal  government's  commitment  to  strengthening
            cybersecurity with three software security principles:

               1.  Take ownership of customer security outcomes.
               2.  Embrace radical transparency  and accountability.
               3.  Build organizational structure and leadership to achieve these goals.

            Now  that  it  is  entering  its  second  year,  vendors  should  expect  more  guidance  from  CISA  and  other
            agencies  about  how  software  is  designed,  developed,  and  delivered  -  and  stay  up-to-date  on  what’s




            Cyber Defense eMagazine – July 2024 Edition                                                                                                                                                                                                          189
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.