The Lawfare Podcast: Three CISA Senior Advisers on Secure by Design
What is Security by Design?
Published by The Lawfare Institute
in Cooperation With
Secure by Design means different things to different people. As part of Lawfare’s ongoing project to understand what Secure by Design might mean in practice, we are trying to identify the open questions—areas where research or inquiry might help our collective understanding of the concept and how it might work. Lawfare Contributing Editor Paul Rosenzweig sat down with three Senior Advisers to CISA—Lauren Zabierek, Jack Cable, and Bob Lord—who work on the cutting edge of SbD design and implementation, to get their thoughts on research that would be of ongoing value to their efforts to define an SbD standard.
For more information, including the resources mentioned in this episode:
- Press Release: CISA, U.S. and International Partners Announce Updated Secure by Design Principles Joint Guide | CISA
- Press Release: CISA, NSA, FBI and International Cybersecurity Authorities Publish Guide on The Case for Memory Safe Roadmaps | CISA
- Blog: The Next Chapter of Secure by Design | CISA
- Expanded Secure by Design Publication: Secure-by-Design | CISA
- White Paper: https://www.cisa.gov/
resources-tools/resources/ (English and Spanish versions available).secure-by-design - Blog on Memory Safety: The Urgent Need for Memory Safety in Software Products | CISA
- Applying Secure By Design to events : Applying “Secure By Design” Thinking to Events in the News | CISA
- RFI on secure software attestation form: CISA Requests Comment on Draft Secure Software Development Attestation Form | CISA
- Director Jen Easterly on updated Secure by Design in Singapore (start 2:12): SICW Opening Ceremony & SICW High-Panels - Opening Plenary - YouTube
- Rosenzweig on Auto/Cyber Liability: https://tcg-
website-prod.azurewebsites. net/the-evolving-landscape-of- cybersecurity-liability/ - Unsafe At Any Speed: CISA's Plan to Foster Tech Ecosystem Security (youtube.com)
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.
Jack is currently a Senior Technical Advisor at the Cybersecurity and Infrastructure Security Agency.
Lauren Zabierek is the Senior Policy Advisor with the Cybersecurity & Infrastructure Security Agency. She was previously the Executive Director of the Cyber Project at Harvard Kennedy School’s Belfer Center.
Lauren served as an intelligence officer in the United States Air Force at the beginning of her career. Later, as a civilian intelligence analyst with the National Geospatial Intelligence Agency (NGA) assigned to the Office of Counterterrorism, she completed three war zone deployments. Throughout her six years at NGA, she became a subject matter expert on Activity Based Intelligence (ABI) and served as an adjunct professor in ABI at the NGA college.
After leaving NGA, she joined the cybersecurity threat intelligence startup Recorded Future, and was instrumental in building its Public Sector business practice. In her role as a Senior Intelligence Analyst, she fused intelligence methodologies with cybersecurity and machine learning technologies to help public and private sector customers improve their cyber posture. She also managed a team of analysts and worked alongside the Product Management and Training teams to improve her customers' experience with the software.
Jen Patja is the editor and producer of the Lawfare Podcast and Rational Security. She currently serves as the Co-Executive Director of Virginia Civics, a nonprofit organization that empowers the next generation of leaders in Virginia by promoting constitutional literacy, critical thinking, and civic engagement. She is the former Deputy Director of the Robert H. Smith Center for the Constitution at James Madison's Montpelier and has been a freelance editor for over 20 years.
.png?sfvrsn=79cb2b3b_5)
