Software development that does not incorporate comprehensive security throughout the lifecycle of the application jeopardizes national security by expanding the threat landscape surrounding high-value networks and sensitive data. Unfortunately, many of today’s technology manufacturers prioritize speed to market over security, have adopted a ‘deploy now, patch later’ culture, and shift the liability for their vulnerable technology onto consumers through EULAs and SLAs.
It is vital to national security that stakeholders, their partner organizations, and their supply chains understand and subscribe to the notion that “it takes a village” to secure software development in today’s complex and interconnected global economy. In this paper, entitled “Software Security is National Security: Why the U.S. Must Replace Irresponsible Practices with a Culture of Institutionalized Security,” ICIT and Micro Focus Government Solutions, an ICIT Fellow Program Member, explore systemic problems in the software security landscape and offer recommendations on how to improve application security.
Specifically, the paper discusses:
- Systemic Problems in the Software Development Landscape
- The Need for a Cultural Renaissance in Software Security
- Guidelines and Frameworks to Improve Software Security
- Recommendations to Improve Negligent Software Development
This paper was authored by:
- Rob Roy, ICIT Fellow & CTO Public Sector, Micro Focus Government Solutions
- Drew Spaniel, Lead Researcher, ICIT
The authors would like to thank the following experts for contributing to this paper:
- Parham Eftekhari, Executive Director, ICIT
- Dr. Ron Ross, Fellow, National Institute of Standards and Technology (NIST)
- Michael Aisenberg, ICIT Fellow & Principal Cyber Policy Counsel, MITRE Center for National Security
- Jerry Davis, ICIT Fellow and Vice President and Global Chief Security Officer, Lam Research
- David Summitt, ICIT Fellow and CISO, Moffitt Cancer Center
- Stan Wisseman, Chief Security Strategist, Micro Focus
ICIT would like to thank Micro Focus Government Solutions, an ICIT Fellow Program Member, for sponsoring this research study.