Secure by design: what we can learn from the financial services sector

More than 250 companies have signed the “Secure-by-Design” (SBD) pledge from the Cybersecurity and Infrastructure Security Agency (CISA). By committing to the voluntary pledge, software manufacturers are promising to increase multi-factor authentication (MFA) for products; better enable customers to do their own patching; reduce default passwords; and decrease vulnerabilities, among additional proactive, protective practices.

By embedding cyber defense from the outset of product development and system architecture, SBD is intended to transform cybersecurity from an afterthought to an essential, core element of design. Companies that fail to adopt this approach run the risk of falling behind in their security and compliance maturity, while losing consumer trust. They also could run into some very expensive problems, as the average cost of a data breach has increased to $4.88 million – up from $4.45 million in 2023.

Implementing an SBD strategy

So how do organizations effectively implement an SBD strategy? They ...