Today’s post was written by Prof. Howard A. Schmidt.
In last week’s State of the Union address, President Obama discussed the importance of increasing protections for both consumers and businesses from cyber threats. Though this is not the first time cybersecurity has been mentioned in a State of the Union address, its inclusion in last week’s speech combined with its significant role in the President’s 2015 legislative agenda clearly signifies that improving cybersecurity is a national priority for the United States.
As cybersecurity continues to grab more attention in the U.S. and around the globe, SAFECode’s responsibility and commitment remains clear. Now in our seventh year of work, SAFECode is continuing to reach across our industry to analyze, apply and promote the best mix of software assurance technology, process and training. Last year we expanded our membership to harness valuable knowledge from a broader set of experts in service of our mission to deliver new software assurance resources globally and to support a wider range of software security needs. In 2015, we plan to make that vision a reality. Here are a few of our key priorities as we head into the New Year:
- SAFECode will work not only to improve software security practices, but also to better communicate and demonstrate to customers what these practices mean for their risk management efforts. Look for more guidance from SAFECode on how to evaluate the security of purchased software.
- SAFECode will launch a new working group to collaborate on issues related to securing and managing third-party software components.
- SAFECode will continue to expand its foundational guidance on secure development practices to meet the diverse needs of our industry and its products.
- SAFECode will continue to support the security education and training needs of developers. We are looking at ways to support the expansion of software security education in university programs and plan to continue to add new offerings to our free training program aimed at helping those looking to create an in-house training program for their product development teams, as well as individuals interested in enhancing their skills.
As new members continue to come on board, new perspectives are added, and new issues arise, we will continue to expand our agenda and continue to support our industry in its ongoing efforts to advance software assurance.
So while the cybersecurity debate in Washington jumps into the spotlight and our international resolve to fight back against cyber threats grows stronger, know that there are many people already hard at work to advance software security and promote practices that will deliver more secure and reliable software. This may be only one aspect of improving cybersecurity and SAFECode may only represent one of these efforts, but we assure you that we remain focused and committed. If your organization shares our passion, please join us as we do our part to encourage progress on this international priority in 2015.