DHS Reminds All to Secure IT Products and Processes

Information technology exists in almost all of the products that we use. IT products help us run our homes, businesses, and cities. An entire industry has been developed to help secure these products, to include anti-virus software and malware detectors, security services firms, and offices dedicated to protecting information technology.

As software becomes more complex, discovering vulnerabilities also becomes more difficult.  For example, the recent Heartbleed vulnerability existed within popular encryption software for two years before it was detected.

Not every household or company is able to employ cyber professionals to make sure that their IT products are secure. Therefore, this National Cyber Security Awareness Month, we are looking at the importance of securely developing IT products. This involves building in security features, such as encryption, anti-virus, and other controls, into products before they ever reach the consumer. Building in seamless cybersecurity features within products helps us all stay cyber safe. Secure development of IT products can help decrease the zero day vulnerabilities that can be exploited by cyber criminals.

Government and industry must work together in this endeavor, setting and maintaining high cybersecurity standards across all critical infrastructure industries. In this spirit, DHS developed the Software Assurance Program, which seeks to reduce software vulnerabilities, minimize exploitation, and address ways to improve the routine development and deployment of trustworthy software products. Through public private partnership, the Software Assurance Program is designed to spearhead the development of practical guidance and tools and to promote research and development investment in cyber security.

Regardless of how secure our IT products are, individuals have a personal responsibility toward cybersecurity. For instance, when purchasing software or hardware, consumers should:

  • Install and maintain vendor-distributed patches or updates
  • Ensure they are using the latest operating systems on their computers and mobile devices
  • Be aware of vulnerabilities that may

To learn more about software and applications, visit the US-CERT tips and advice page at www.us-cert.gov/ncas/tips/.

Secure IT products also do not excuse people from practicing unsafe online behavior. The Department of Homeland Security (DHS) encourages everyone to stop and think about the choices they make when online, and to connect with care and caution. For general online safety tips and resources, visit the “Stop.Think.Connect.” Campaign resource guide at www.dhs.gov/stopthinkconnect.

Advertisements

Comments are closed.