CISA cybersecurity performance goals: 7 action items to boost your AppSec
The agency's new IT Sector-Specific Goals (SSGs) for application security aim to keep Secure by Design going strong. Here are the top action items.
Ericka Chickowski
Freelance writer. Ericka Chickowski's award-winning writing on business and technology have appeared in dozens of trade and consumer magazines, including Entrepreneur, Consumers Digest, Channel Insider, CIO Insight, Dark Reading, DevOps.com and InformationWeek. She's made it her specialty to explain in plain English how technology trends affect real people.
Posts from Ericka Chickowski
CISA cybersecurity performance goals: 7 action items to boost your AppSec
AppSec & Supply Chain Security | January 28, 2025 AI is a double-edged sword: Why you need new controls to manage risk
AI can improve cybersecurity outcomes, but it also represents an entirely new threat. Upgrade your security strategy — and tooling — for the AI age.
Going beyond 'shift left': Why shared responsibility is key to risk management
AppSec experts and software risk managers say doing security checks earlier isn't enough. Here's why — and what else organizations should do.
AppSec vs. product security: Secure by Design demands a strategy shift
Here's why and how to push your application security further into ProdSec — and what that means to achieving the goals of CISA's Secure by Design.
Threat modeling and binary analysis: Supercharge your risk strategy
Chris Romeo shares five key ways to merge modeling with modern software supply chain security — and improve your software risk management in the process.
Threat modeling and binary analysis: Supercharge your risk strategy
Chris Romeo shares five key ways to merge modeling with modern software supply chain security — and improve your software risk management in the process.
‘Good, fast, cheap... Pick two’: Software quality dilemma forces risky decisions
When developing software there are three options: good, fast, and cheap. But you can only pick two. Here's what that reality means for commercial software risk.
Cybersecurity's workforce woes are a myth: 5 ways to rethink recruiting
Leaders say a cybersecurity talent shortage is a myth — instead, it's a plain old hiring and training gap. And the industry is making the problem worse.
Software complexity is a real problem — and your AppSec must factor that in
Software complexity causes many challenges. Here are the key problem areas — and how to overcome the hurdles with a modern supply chain security approach.