Demand for 'Secure by Design' Product Growing, Creating Opportunity for Software Security Specialization

February 15, 2024

3 Min Read


Alexandria, Va., February 15, 2024 – ISC2  the world’s leading nonprofit member organization for cybersecurity professionals – today announced the launch of Certified Secure Software Lifecycle Professional (CSSLP) Self-Paced Training designed with a personalized, adaptative learning experience to guide the participants along pathways tailored to their individual needs based on prior knowledge, learning speed and confidence levels. The CSSLP certification signifies advanced skills in authentication, authorization, and auditing throughout the software development lifecycle (SDLC).

As the number of software supply chain attacks continues to rise, governments around the world are responding with increasing regulation and requirements for application developers, requiring more expertise in secure software development, creating more career growth opportunities for cyber pros and software developers.

Following guidelines published by the U.S. Cybersecurity & Infrastructure Security Agency (CISA), in collaboration with 17 U.S. and international partners, on "Secure by Design" products, as well as the report on “Secure by Design Approach” from the UK Government, supported by the Government Security Group and the National Cyber Security Centre (NCSC), ISC2 expects regulation on secure software development, along with demand from the market, to significantly impact the software development process in the coming years.

According to a recent Gartner report , SDLC attacks have affected 61% of U.S. businesses from April 2022-2023. Additionally, the ISC2 Cybersecurity Workforce Study reported that 26% of respondents indicated a skills gap at their organizations in application security, and 23% anticipate application security skills to be most in-demand for security professionals looking to advance their careers through new jobs and promotions.

“This is an opportunity for ISC2 members – and other professionals – to increase their skills and demonstrate their expertise in secure technology development and lifecycle management,” said ISC2 CEO Clar Rosso, CC. “As the market, including regulators, increasingly demand that technology be ‘secure by design’ and concerns about the safety of the AI ecosystem increase, the CSSLP supports security pros and developers in building in-demand skills. Plus, our adaptative training format focuses professionals’ time in the areas where they need it most.”

Using AI to Optimize Learning

The CSSLP Self-Paced training utilizes AI-based technology to deliver adaptive, personalized, non-linear learning which is tailored to individual learners’ needs. Each learner has a unique journey through content and is assessed in the flow of learning. The amount and type of content a learner engages with will depend on their level of understanding, interest, and motivation. The learner can rely on technology to lead their learning journey, or they can take control and select what topics or domains to focus on and when.

For more information on CSSLP Self-Paced Training, visit

About ISC2

ISC2 is the world’s leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our more than 600,000 members, candidates and associates around the globe are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity’s premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills and abilities at every stage of their careers. ISC2 strengthens the influence, diversity and vitality of the cybersecurity profession through advocacy, expertise and workforce empowerment that accelerates cyber safety and security in an interconnected world. Our charitable foundation, The Center for Cyber Safety and Education, helps create more access to cyber careers and educate those most vulnerable. Learn more and get involved at Connect with us on X, Facebook and LinkedIn.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights