In continued support of our mission to cultivate a cybersecurity renaissance that will improve the resiliency of our nation’s 16 critical infrastructure sectors, defend our democratic institutions, and empower generations of cybersecurity leaders, ICIT asked some of the brightest minds in national security, cybersecurity, and technology to author essays communicating their perspective. Our goal is to share their knowledge and insights with our community to shed light on solutions to the technology, policy, and human challenges facing the cybersecurity community. Our hope is that their words will motivate, educate, and inspire you to take on the challenges facing your organizations.

ICIT Fellow Perspective Essay Authored by Dr. Darren Death:

Developing resilient code for business applications is critically important to ensure continued mission success by defending against the exploitation of new software vulnerabilities that can be leveraged by attackers to disrupt organizational stability. Ensuring that newly developed code is free from exploitable vulnerabilities contributes to mission resilience by reducing an organization’s overall attack surface. By reducing the total attack surface across an enterprise’s digital inventory, an organization is effectively making it more difficult for an attacker to exploit and retrieve sensitive organizational assets. This makes ensuring that cybersecurity requirements, principles, and tools are implemented across the application’s System Development Life Cycle (SDLC), a top priority for development teams that are looking to defend their organization from malicious adversaries. In this ICIT Fellows’ Perspective Essay, Dr. Darren Death explains that a developer can implement the following mechanisms to ensure that their application code is free from exploitable vulnerabilities:

  • The Integration of Cybersecurity Throughout the SDLC;
  • The Application of Best Practices and Standards;
  • Static Code Analysis;
  • Dynamic Code Analysis

Read the Full Essay

Integrating Cybersecurity into the Application Development Lifecycle