Versasec in CISA “Secure by Design”
Date: 2025-01-08
Author: Versasec
In 2024, Versasec was listed as CISA Secure by Design. In October of 2023, America’s Cybersecurity and Infrastructure Security Agency (CISA) released a challenging whitepaper titled “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software.” Its purpose? To shift the costs associated with existing cyber incidents from customer deployments to product development.
The agency emphasizes that software deployments incur hard and soft costs weighing heavily on customers, before and after incidents. CISA highlights these deployment costs: SSO tax, cyber insurance, hiring experts, constructing hardening guides, and training staff. When incidents happen, the customers must hire external resources and lose highly valued productivity. CISA proposes to move these costs left, earlier in the product timeline, to the product development. They state the costs and risks would decrease substantially.
“We have allowed a system where the cybersecurity burden is placed disproportionately on the shoulders of consumers and small organizations and away from the producers of the technology and those developing the products that increasingly run our digital lives.” – Secure by Design, CISA
Versasec, software developer of the vSEC:CMS credential management software, has alongside 200 other manufacturers, signed the “Secure by Design Pledge. “ Last month, in December 2024, we shared with our community the steps we have already taken and are on track to comply with their recommendations fully. We became the 18th organization to report our progress on the Secure by Design site.
Our completed goals include:
- Drive adoption of multi-factor authentication
- Reduce the use of default passwords
- Publish a vulnerability disclosure policy
- Provide transparency on vulnerabilities
The tasks we’re on track for:
- Reduce common classes of vulnerabilities
- Drive improved customer patching hygiene
- Deliver improved logging and monitoring for customers
Read the full Versasec progress report here: https://versasec.com/versasec-secure-by-design/.
vSEC:CMS
Our product suite provides all the software tools to administrate and manage credentials in a secure and convenient way.
Free Product Trial
Versasec provides enabling IT security products centered on the usage of security devices such as smart cards. Our solutions enable customers to securely authenticate, issue and manage user credentials more cost effectively. Get a free product trial.
Job Openings
We are always looking for new exceptional persons to join our team! Find out more about our job openings.