Guest Editorial by Jeff Stewart, CTO & Vice President of Global Solutions Engineering and Observability for SolarWinds
Staying ahead of threats is a constant battle in the ever-evolving cybersecurity landscape.
Threat actors have capabilities beyond what was previously thought. Nation-state actors use new tools and techniques to execute highly sophisticated, unpredictable cyberattacks.
Modern software development has made our digital world more complex, with cloud and digital transformation efforts complicating the landscape.
Amid these changes, the importance of adopting a Secure by Design approach cannot be overstated.
Secure by Design isn’t just a buzzword; it’s a fundamental mindset shift.
It means integrating security at every stage of the product or system development process.
Over the last year, the cybersecurity industry has made significant progress toward achieving this goal, marking a paradigm shift in how public and private organizations approach their digital defenses.
Together, we can forge a more secure and trustworthy digital landscape — and safeguard our interconnected world.
(Today’s attacks show us risk mitigation takes organizational input and knowledge. Security and risk management should be part of everyone’s role. Hear executives discuss SolarWinds’ ongoing evolution to Secure by Design, the lessons they’ve learned, and the actions they’ve taken. Courtesy of SolarWinds and YouTube.)
Growing SBOM Adoption
Software bills of materials (SBOMs) are crucial to the shift towards Secure by Design.
Under the Biden Administration’s National Cybersecurity Strategy, which includes the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF), companies must adhere to guidelines to strengthen our nation’s overall cybersecurity posture.
These guidelines require generating an SBOM, which is like a receipt of each component, library, tool, and process developers use in the build process.
SBOMs are a critical step for improving the security of software products by providing visibility into their composition. SBOMs introduced a new standard for transparency and openness in the industry, and their adoption is increasing.
Research from Sonatype has found that three-quarters of large enterprises in the United States and the United Kingdom have implemented SBOMs since the Biden administration issued an executive order to bolster cybersecurity in 2021. The same report found that about 60% of large enterprises now require the businesses they work with to have an SBOM in place.
Investing in Security Training and the Cyber Workforce
One of the most significant vulnerabilities in any organization is its employees. Phishing attacks and social engineering schemes remain prevalent. Employees are the first line of defense, and a security-aware culture is critical to safeguarding digital assets.
Organizations have invested heavily in cybersecurity awareness and training programs to combat this.
The global security awareness training market is expected to exceed $12 billion annually by 2027, up from $1.8 billion in 2022.
This last year, there have also been improvements in growing the cybersecurity workforce, a critical step for the industry to become more Secure by Design. The industry lacks experienced, qualified individuals to fill cybersecurity roles.
However, more organizations, educational institutions, and government agencies are embracing models that encourage more cybersecurity professionals to enter the market.
This past July, the White House unveiled a National Cyber Workforce and Education Strategy to address immediate and long-term cyber workforce needs.
Alongside this announcement, the U.S. National Science Foundation CyberCorps Scholarship for Service program renewed funding for seven academic institutions, providing more than $24 million over the next four years to support developing a robust cybersecurity workforce.
This government support is complemented by an increasing number of software companies changing their cybersecurity recruitment processes and offering incentives for cybersecurity professionals.
(The National Cyber Workforce and Education Strategy has been released and addresses four main areas: federal cyber workforce, national cyber workforce, cyber education and training, and digital awareness. The Office of the National Cyber Director will lay out the strategy’s key pillars, strategic objectives, and next steps, including plans to implement the initiatives called for in the strategy. Facilitated by Camille Stewart Gloster, Deputy National Cyber Director Technology and Ecosystem Security (TES), White House Office of the National Cyber Director. Courtesy of RSA Conference and YouTube. Posted on Jun 7, 2023.)
Industry Collaborations
The cybersecurity community increasingly recognizes that threats are not limited to a single organization; they can affect entire industries.
As a result, there has been a growing trend of collaboration among organizations to share threat intelligence. By pooling resources and knowledge, we can collectively bolster our defenses.
This collaborative spirit has been a highlight of the past year, with private companies and the government partnering to thwart cyber threats. This partnership has primarily been driven by the Cybersecurity and Infrastructure Security Agency (CISA – Also a 2023 ‘ASTORS’ Awards Program Champion) Secure Software Self-Attestation requirement.
The agency requires software producers that sell to the government to attest that their software is developed securely. These requirements promote transparent and open information sharing, uniting the public and private sectors in a proactive effort to combat cyber threats and bolster the security of the entire industry.
The NIST Secure Software Development Framework (SSDF) was also released this past year to encourage industry collaboration. This framework intends to serve as a set of fundamental and secure software development practices to help software producers reduce the number of vulnerabilities in released software and the potential impact of exploited vulnerabilities.
These guidelines are essential in encouraging organizations to integrate Secure by Design principles into the software development process. Earlier this year, SolarWinds announced that our Next-Generation Build System aligns with the SSDF.
The Next-Generation Build System is a critical component of our Secure by Design initiative launched in 2021, and leverages a parallel build process where software is developed in multiple secure, duplicate, and ephemeral environments.
(SolarWinds Secure by Design virtual event explored the importance of public/private partnerships to secure our common cyberinfrastructure. Hosted by SolarWinds CISO and VP of Security Tim Brown, this event includes a bipartisan panel of government leaders discussing the United States National Cybersecurity Strategy, its related frameworks, and the nature of today’s cyber risks. Get perspectives on public-private collaboration within the ecosystem through a panel discussion featuring SolarWinds President and CEO Sudhakar Ramakrishna in conjunction with Congressman Darrell Issa (R-CA), Congressman Raja Krishnamoorthi (D-IL), and CISA Executive Assistant Director for Cybersecurity Eric Goldstein. Additionally, Tim dives deeper into the Secure Software Development Framework (SSDF), the importance of its requirements, and the actions SolarWinds is taking. Courtesy of SolarWinds and YouTube.)
Significant Progress, but Challenges Persist
As we reflect on the past year, it’s clear we’ve made significant progress in the journey toward a Secure by Design industry. However, challenges and roadblocks persist.
Legacy systems, deeply entrenched in many organizations, are complex to transition to a Secure by Design approach. Many pose vulnerabilities that cybercriminals can exploit. Moreover, the threat landscape evolves constantly, making it essential for organizations to stay vigilant.
As threats continue to evolve, our defenses must evolve with them. I urge organizations to prioritize Secure by Design principles, invest in cybersecurity talent and technology, and embrace a proactive approach to cybersecurity.
The cybersecurity community’s collective responsibility is to work together to build a more secure world, and we’re on the path to do so.
About the Author
Jeff Stewart, Field CTO & Vice President of Products at SolarWinds, brings over 20 years of monitoring and observability expertise, with 13+ years of product strategy and solutions engineering at SolarWinds.
Jeff is responsible for driving business results, defining product strategy, and leading SolarWinds’ global solutions engineering organization with a customer-focused mindset to connect the company’s customers with the best software solutions.
SolarWinds is a leading provider of simple, powerful, secure observability and IT management software built to enable customers to accelerate their digital transformation.
The company’s solutions provide organizations worldwide, regardless of type, size, or complexity, with a comprehensive and unified view of today’s modern, distributed, and hybrid network environments.
SolarWinds continuously engages with IT service and operations professionals, DevOps and SecOps professionals, and database administrators (DBAs) to understand their challenges in maintaining high-performing and highly available hybrid IT infrastructures, applications, and environments.
To learn more, please visit www.solarwinds.com.
SolarWinds Takes Platinum in 2023 ‘ASTORS’ Homeland Security Awards
American Security Today’s Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program and, now entering its Ninth Year, continues to recognize industry leaders of Physical and Border Security, Cybersecurity, Emergency Preparedness – Management and Response, Law Enforcement, First Responders, as well as federal, state and municipal government agencies in the acknowledgment of their outstanding efforts to Keep our Nation Secure.
SolarWinds Worldwide
Best Security Incident & Event Management Solution (SIEM)
SolarWinds Hybrid Cloud Observability
Threats to IT networks continue to accelerate and evolve. While enterprising hackers from external sources test the robustness of network security parameters, internal threats from careless and malicious insiders remain a significant and ongoing concern.
SolarWinds® Hybrid Cloud Observability was designed to help organizations ensure availability and reduce remediation time across on-premises and multi-cloud environments by increasing visibility, intelligence, and productivity.
SolarWinds Hybrid Cloud Observability gives you deep, holistic IT infrastructure and services visibility. It helps you focus on critical issues without a deluge of telemetry data to make better decisions and do more.
(Learn how the rise of digital transformation has accelerated opportunities and increased challenges for organizations managing complex, diverse, and distributed environments. SolarWinds Hybrid Cloud Observability is designed to take complex IT deployments and make them easy to operate with proactive end-to-end observability. Courtesy of SolarWinds and YouTube.)
SolarWinds Hybrid Cloud Observability provides IT agility for today’s distributed environments, including:
- Eliminate Tool Sprawl: Translate disparate data types into actionable insights, bringing focus and clarity to complex environments.
- Reduce Alert Fatigue: Cut through the noise by correlating problems simultaneously to identify the root cause quickly.
- Observability Across Hybrid IT: Agent-based, agentless, and API-sourced cloud infrastructure metrics for visibility across your entire hybrid environment.
- Prepare for Growth With Flexible Licensing: Offers pay-for-what-you-need control and the flexibility to allocate nodes across instances. No additional licenses are needed.
By onboarding infrastructure, apps, and services into your monitoring ecosystem, SolarWinds Hybrid Cloud Observability enables you to reduce IT silos, enable cross-domain correlation, and increase collaboration, all while automating visualization, analytics, management, troubleshooting, and compliance tasks.
*SolarWinds has been officially recognized with Multiple Award Wins for Eight Consecutive Years. Thank you for your continued confidence in AST!
Nominations are currently being accepted for the 2024 ‘ASTORS’ Homeland Security Awards Program at https://americansecuritytoday.com/ast-awards/.
Comprehensive List of Categories Include:
| Access Control/Identification | Personal/Protective Equipment | Law Enforcement Counter Terrorism |
| Perimeter Barrier/Deterrent System | Interagency Interdiction Operation | Cloud Computing/Storage Solution |
| Facial/IRIS Recognition | Body Worn Video Product | Cyber Security |
| Video Surveillance/VMS | Mobile Technology | Anti-Malware |
| Audio Analytics | Disaster Preparedness | ID Management |
| Thermal/Infrared Camera | Mass Notification System | Fire & Safety |
| Metal/Weapon Detection | Rescue Operations | Critical Infrastructure |
| License Plate Recognition | Detection Products | COVID Innovations |
| Workforce Management | Government Security Programs | And Many Others to Choose From! |
Don’t see a Direct Hit for your Product, Agency, or Organization?
Submit your category recommendation to Michael Madsen, AST Publisher, at mmadsen@americansecuritytoday.com.
Homeland Security remains at the forefront of our national conversation as we experience an immigration crisis along our southern border and crime rates that are dramatically higher than before the Pandemic across the United States.
These challenges have become a national priority with an influx of investments in innovative new technologies and systems.
Enter American Security Today, the #1 publication and media platform in the Government Security and Homeland Security fields, with a circulation of over 75,000 readers and many tens of thousands more who visit our AST website at www.americansecuritytoday.com each month.
The pinnacle of the Annual ‘ASTORS’ Awards Program is the Annual ‘ASTORS’ Awards Ceremony Luncheon Banquet, an exclusive, full-course plated meal event in the heart of New York City.
The continually evolving ‘ASTORS’ Homeland Security, Public Safety, and Government Excellence Awards Program will highlight the trail of Accomplished Women in Leadership in 2024.
So be on the lookout for exciting upcoming announcements of Speakers, Presenters, Book Signing Opportunities, and Attendees at the 2024 ‘ASTORS’ Awards Presentation Luncheon in November of 2024 in New York City!
In 2023, at this exclusive sold-out event featured at ISC East, well over two hundred representatives of law enforcement, public safety, and industry leaders came together to honor the selfless service of those who stand on the front lines – and those who stand beside them – providing the capabilities and technologies to create a safer world for future generations.
Comprehensive collaborations between these private and public sectors have led to the development of innovative intelligence and technologies that serve to protect our Nation.
Steven Dettelbach, Director of the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), delivered the keynote address at the 2023 ‘ASTORS’ Homeland Security and Excellence in Public Safety Awards Ceremony and Banquet Luncheon.
Director Dettelbach spoke with passion on the epidemic of Gun Violence by Illegal Guns taking place across the United States, which results in over 125 deaths daily and impacts generations of families – leaving open chairs at holiday events.
Firearm injuries were the leading cause of death for children for the third year in a row, he explained, and have doubled in the U.S. since 2021, levels that are simply intolerable.
Director Dettelbach lauded the strong partnerships with Federal, State, Local, and Tribal Policing that ATF has earned and relies upon to reduce violence and spoke with admiration as a former prosecutor on the selfless sense of mission and drive that is universal across the entire First Responder Community.
The prestigious Annual ‘ASTORS’ Homeland Security Awards Program highlights the most cutting-edge and forward-thinking security solutions coming onto the market today to ensure our readers have the information they need to stay ahead of the competition and keep our Nation safe – one facility, street, and city at a time.
The ‘ASTORS’ was specifically designed to honor distinguished government and vendor solutions that deliver enhanced value, benefit, and intelligence to end-users in a variety of government, homeland security, enterprise, and public safety vertical markets.
(See a few highlights during the 2023 ‘ASTORS’ Homeland Security and Government Excellence Awards Ceremony and Banquet Luncheon in NYC during ISC East on November 16, 2023. Courtesy of AST, My Pristine Images, and Vimeo.)
AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.
AST Digital Publications are distributed to over 75,000 qualified government and homeland security professionals in federal, state, local, and private security sectors.
‘PROTECTING OUR NATION, ONE CITY AT A TIME’
AST reaches private and public experts, who are essential to meeting these new challenges.
Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture, and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.
These experts are from the Government at the federal, state, and local levels, as well as from private firms allied to the government.
AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website, and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response, among others.
AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants and Dams, Bridges and Tunnels, and other potential targets of terrorism.
Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting and Concert Stadiums, our Nation’s Schools and Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.
To learn more about ‘ASTORS’ Homeland Security Award Winners solutions, Be On the LookOut for the 2023 ‘ASTORS’ CHAMPIONS Edition Fully Interactive Magazine – the Best Products of 2023 ‘A Year in Review.’
The Annual CHAMPIONS edition reviews ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firm’s products and services, including video interviews and more.
It will serve as your Go-To Source throughout the year for ‘The Best of 2023 Products and Services’ endorsed by American Security Today and can satisfy your agency’s and/or organization’s most pressing Homeland Security and Public Safety needs.
From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection, and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware, and Networking Security – to name a few), the 2023 ‘ASTORS’ CHAMPIONS EDITION will have WHAT YOU NEED to Detect, Delay, Respond to, and Mitigate today’s real-time threats in our constantly evolving security landscape.
It will also include featured guest editorial pieces from some of the security industry’s most respected leaders and recognized firms in the 2023 ‘ASTORS’ Awards Program.
For more information on All Things American Security Today, as well as the 2024 ‘ASTORS’ Awards Program, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos