Security Design Goes With Secure Coding

When professionals without security awareness plan a project, security is often left out. The result costs money in the long run. What can we do to make it better?

Gadi Evron, CEO & Founder, Cymmetria, head of Israeli CERT, Chairman, Cyber Threat Intelligence Alliance

July 1, 2009

1 Min Read

When professionals without security awareness plan a project, security is often left out. The result costs money in the long run. What can we do to make it better?A multitude of Websites, guides, best practices, and books exist about security design and secure coding. But the information as a whole is not very organized. It's time for security-design patterns to be considered as important as any secure coding effort.

For new projects and innovations to examine basic security at the design phase, they need easily available references that speak their language. When these references become available, we get one step closer to bringing security into the project management phase as yet another box to examine -- and to tick.

Preaching "design security in" and "do security first" never got our industry far. We find the bugs later on and annoy everybody.

Better organization of security design patterns can take us that extra step to reaching the hearts and minds of unaware programmers during the design phase -- and before the threats emerge.

Security considerations for new projects written for project managers may make this available knowledge sought after by the programmers to begin with.

It's a front worth exploring. How would you go about it?

Follow Gadi Evron on Twitter: http://twitter.com/gadievron

Gadi Evron is an independent security strategist based in Israel. Special to Dark Reading.

Read more about:

2009

About the Author(s)

Gadi Evron

Gadi Evron

CEO & Founder, Cymmetria, head of Israeli CERT, Chairman, Cyber Threat Intelligence Alliance

Gadi is CEO and founder of Cymmetria, a cyber deception startup and chairman of the Israeli CERT. Previously, he was vice president of cybersecurity strategy for Kaspersky Lab and led PwC's Cyber Security Center of Excellence, located in Israel. He is widely recognized for his work in Internet security and global incident response, and considered the first botnet expert. Gadi was CISO for the Israeli government Internet operation, founder of the Israeli Government CERT and a research fellow at Tel Aviv University, working on cyber warfare projects. Gadi authored two books on information security, organizes global professional working groups, chairs worldwide conferences, and is a frequent lecturer.

See more from Gadi Evron
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

US Secretary of State Antony Blinken stands at a lectern on a large stage with projection screens everywhere.
Cybersecurity Operations
Blinken: Digital Solidarity Is 'North Star' for US PolicyBlinken: Digital Solidarity Is 'North Star' for US Policy
byKaren Spiegelman, Features Editor
May 7, 2024
3 Min Read
Globe, plane, truck, person, and stack of boxes against a world map
Cyber Risk
Supply Chain Breaches Up 68% Year Over Year, According to DBIRDBIR: Supply Chain Breaches Up 68% YoY (Depending on your Definition)
byNate Nelson, Contributing Writer
May 6, 2024
2 Min Read
thumbnail
Identity & Access Management Security
Microsoft Previews Feature to Block Malicious OAuth AppsMicrosoft Previews Feature to Block Malicious OAuth Apps
byJeffrey Schwartz, Contributing Writer
May 6, 2024
3 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events