For new projects and innovations to examine basic security at the design phase, they need easily available references that speak their language. When these references become available, we get one step closer to bringing security into the project management phase as yet another box to examine -- and to tick.
Preaching "design security in" and "do security first" never got our industry far. We find the bugs later on and annoy everybody.
Better organization of security design patterns can take us that extra step to reaching the hearts and minds of unaware programmers during the design phase -- and before the threats emerge.
Security considerations for new projects, written for project managers, may make this available knowledge something programmers seek out to begin with.
It's a front worth exploring. How would you go about it?
Gadi Evron is an independent security strategist based in Israel. Special to Dark Reading.