More Secure Software for a Safer Digital Transformation

The digital transformation which brings more software to smart connected devices, also creates more opportunities for attackers to exploit vulnerabilities.

Eric Baize May 22nd 2018

Many cyberattacks can be linked to a software vulnerability exploited by attackers seeking to gain unauthorized access to targeted organizations’ systems or applications. The digital transformation which brings more software to smart connected devices, also creates more opportunities for attackers to exploit vulnerabilities.

We all have a role to play: The battle to ensure that organizations achieve the full potential of their digital transformation must be fought on two fronts:

Organizations need to transform their security by using a risk-driven, proactive approach, which at Dell we call “Security Transformation”.

Developers must build more secure software to minimize software vulnerabilities and the exposure of devices on which their software is deployed.

Developing more secure software is less about technology, and more about people and processes. It requires an industry-wide effort that focuses on educating software engineers and driving the adoption of a secure software development process.

In a recent blog post, I discussed the need to start teaching security to all developers at the time we teach them how to code, not years later, after they have graduated from college.

On the process side, I am excited to share that SAFECode recently released the Third Edition of its Fundamental Practices for Secure Software Development. Security experts from Dell EMC and from other SAFECode member companies have created this authoritative best practices guide based on their extensive experience in order to encourage the industry-wide adoption of secure development practices.

Successful digital transformation must be built on a foundation of secure software. Please help us drive adoption of secure development practices by sharing SAFECode’s Fundamental Practices for Secure Software Development with security practitioners and with every software professional in your organization.