Governments Embrace Secure by Design to Curb Cyberthreats

NextJenSecurity Founder Calls for Global Policy Shifts to Reduce Vulnerabilities Mathew J. Schwartz (euroinfosec) • June 12, 2025

Governments are ramping up efforts to shift from reactive cybersecurity to proactive prevention. Vulnerabilities have now overtaken phishing as the most exploited access vector for breaches, according to the 2025 Data Breach Investigations Report. Jen Ellis, founder of NextJenSecurity, said the continuing exploitation of well-known vulnerabilities signals a pressing need for policy changes that prioritize secure-by-design principles.

See Also: Enterprise Browser Transforms App Delivery and Compliance

"We have the 'Known Exploited Vulnerabilities Catalog' from CISA, which helps prioritize patching. But for organizations, it is difficult to keep up with it, which is part of the reason that secure by design has become such a critical movement," Ellis said.

Countries are experimenting with divergent approaches, with the United Kingdom favoring a technology-specific policy framework, the United States pursuing a broad, pledge-based model and the ...