{"version":"1.0","type":"rich","provider_name":"Acast","provider_url":"https://acast.com","height":250,"width":700,"html":"<iframe src=\"https://embed.acast.com/$/60518a52f69aa815d2dba41c/65849bf77e7da30017acc660?\" frameBorder=\"0\" width=\"700\" height=\"250\"></iframe>","title":"Three CISA Senior Advisers on Secure by Design","description":"<p>Secure by Design means different things to different people.&nbsp;As part of <em>Lawfare</em>’s ongoing <a href=\"https://www.lawfaremedia.org/current-projects/reviews-essays/security-by-design\" rel=\"noopener noreferrer\" target=\"_blank\">project</a> to understand what Secure by Design might mean in practice, we are trying to identify the open questions—areas where research or inquiry might help our collective understanding of the concept and how it might work.<em>&nbsp;Lawfare</em> Contributing Editor Paul Rosenzweig sat down with three Senior Advisers to CISA—Lauren Zabierek, Jack Cable, and Bob Lord—who work on the cutting edge of SbD design and implementation, to get their thoughts on research that would be of ongoing value to their efforts to define an SbD standard.</p><p>You can watch a video version of their conversation&nbsp;<a href=\"https://youtu.be/sO9dbxuAVPY\" rel=\"noopener noreferrer\" target=\"_blank\">here</a>.</p><p>For more information, including the resources mentioned in this episode:</p><ul><li><a href=\"https://www.cisa.gov/news-events/news/cisa-us-and-international-partners-announce-updated-secure-design-principles-joint-guide\" rel=\"noopener noreferrer\" target=\"_blank\">CISA, U.S. and International Partners Announce Updated Secure by Design Principles Joint Guide | CISA</a></li><li><a href=\"https://www.cisa.gov/news-events/news/cisa-nsa-fbi-and-international-cybersecurity-authorities-publish-guide-case-memory-safe-roadmaps\" rel=\"noopener noreferrer\" target=\"_blank\">CISA, NSA, FBI and International Cybersecurity Authorities Publish Guide on The Case for Memory Safe Roadmaps&nbsp;| CISA</a></li><li>Blog:&nbsp;<a href=\"https://www.cisa.gov/news-events/news/next-chapter-secure-design\" rel=\"noopener noreferrer\" target=\"_blank\">The Next Chapter of Secure by Design | CISA</a></li><li>Expanded Secure by Design Publication:&nbsp;<a href=\"https://www.cisa.gov/resources-tools/resources/secure-by-design?utm_source=EA%20Press%20Release&amp;utm_medium=Press%20Release&amp;utm_campaign=Secure%20by%20Design%20and%20Default%20Update\" rel=\"noopener noreferrer\" target=\"_blank\">Secure-by-Design | CISA</a></li><li>White Paper:&nbsp;<a href=\"https://www.cisa.gov/resources-tools/resources/secure-by-design\" rel=\"noopener noreferrer\" target=\"_blank\">https://www.cisa.gov/resources-tools/resources/secure-by-design</a>&nbsp;(English and Spanish versions available)</li><li>Blog on Memory Safety:&nbsp;<a href=\"https://www.cisa.gov/news-events/news/urgent-need-memory-safety-software-products\" rel=\"noopener noreferrer\" target=\"_blank\">The Urgent Need for Memory Safety in Software Products | CISA</a></li><li>Applying Secure By Design to events :&nbsp;<a href=\"https://www.cisa.gov/news-events/news/applying-secure-design-thinking-events-news\" rel=\"noopener noreferrer\" target=\"_blank\">Applying “Secure By Design” Thinking to Events in the News&nbsp;| CISA</a></li><li>RFI on secure software attestation form:&nbsp;<a href=\"https://www.cisa.gov/news-events/alerts/2023/11/16/cisa-requests-comment-draft-secure-software-development-attestation-form\" rel=\"noopener noreferrer\" target=\"_blank\">CISA Requests Comment on Draft Secure Software Development Attestation Form | CISA</a></li><li>Director Jen Easterly on updated Secure by Design in Singapore (start 2:12):&nbsp;<a href=\"https://www.youtube.com/watch?v=nY-FE1Rs7fE\" rel=\"noopener noreferrer\" target=\"_blank\">SICW Opening Ceremony &amp; SICW High-Panels - Opening Plenary - YouTube</a></li><li>Rosenzweig on Auto/Cyber Liability:&nbsp;<a href=\"https://tcg-website-prod.azurewebsites.net/the-evolving-landscape-of-cybersecurity-liability/\" rel=\"noopener noreferrer\" target=\"_blank\">https://tcg-website-prod.azurewebsites.net/the-evolving-landscape-of-cybersecurity-liability/</a></li><li><a href=\"https://www.youtube.com/watch?v=vkLyQcYyyTQ\" rel=\"noopener noreferrer\" target=\"_blank\">Unsafe At Any Speed: CISA's Plan to Foster Tech Ecosystem Security (youtube.com)</a></li></ul>","author_name":"The Lawfare Institute"}