In today’s digital world, organizations simply cannot afford to conduct business online without taking security into account.  Whether you buy or sell software, security has to be a top priority.  It’s just good business.  In part one of this series we touched on security standards as an important topic that was discussed at the Security Development Conference last month.  In this part of the series, we share insights on the importance of security to organizations that conduct business online. 

While at the Security Development Conference, I had an opportunity to sit down with Edna Conway, Chief Security Officer, Global Supply Chain for Cisco Systems Inc and discuss how they think about security in the context of the supply chain.   Edna discusses how security is the first and most important node of the supply chain at Cisco.  She shares how they embed security early on into the design and development stage of a product’s concept.  Watch this short video to hear more about how Cisco embeds software security into its portfolio of products. 

More and more customers are recognizing the importance of software security and are even starting to demand secure development in legal contracts with vendors they procure software from.  This is good news, but of course, not all businesses recognize the need for security yet.  As my colleague Steve Lipner recently stated in his blog, “The Time is Now.  Security Development Must be a Priority for Everyone.” 

For more information on application security, I encourage you to visit www.microsoft.com/sdl and check out many of the free resources and tools available for download.

Please stay tuned for more highlights from the Security Development Conference 2013.

Tim Rains
Director
Trustworthy Computing