Page 37 - Cyber Defense eMagazine March 2024
A changing regulatory landscape
The US took the lead and introduced the National Cyber Security Strategy in March 2023, which
committed to developing legislation to make software developers liable for security. This was followed by
the QUAD nations (Australia, India, Japan and the United States) releasing the “Joint Principles for
Secure Software” which included an agreement to require security-by-design within government software
procurement rules.
Later in the year, the White House published its Implementation Plan for the National Cyber Security
Strategy, which put in place a public-private partnership to drive the development and adoption of software
that is secure by design and by default. CISA also published recommendations on how software
manufacturers can implement secure design.
This raft of regulation and guidance in 2023 clearly set out the direction of travel for governments and
legislators; the future is security built right into the design of systems themselves, rather than added after
the fact.
So, what is security-by-design and how can organizations begin to put it into practice?
Secure Design and Threat Modeling
To create software that is secure-by-design, we need to identify threats to the security of the data and
assets, and assess and mitigate the risks before we begin building the software.
No software manufacturer sets out to build software that is insecure. But the reality is that developers are
incentivized to get software to market as quickly as possible and worry about security later. However,
trying to fix flaws after software has been built is both time-consuming and expensive. So we need to
tackle this issue from the very beginning before a single line of code is written. Threat modeling is how
we do this.
Threat modeling is the process of analyzing software for potential threats and determining the most
effective ways to mitigate them, and it is fundamental to secure design. Originally developed by Microsoft
in 2005, the threat modeling process can easily be understood using Adam Shostack’s four-question
framework, designed to help teams build more secure systems:
1. What are we working on?
2. What can go wrong?
3. What are we going to do about it?
4. Did we do a good enough job?