Secure by Design Must Lead Software Development

Crossley of Schneider Electric Urges Supplier Scrutiny and Continuous Risk Review Geetha Nandikotkur (AsiaSecEditor) • March 24, 2025

Software supply chain attacks have increased, exposing gaps in application security strategies. Many organizations still rely on outdated testing methods and fail to monitor open-source threats effectively.

See Also: From Silos to Synergy: Gen AI Aligns IT and Security Teams

To strengthen defenses, they must adopt secure-by-design practices, select mature open-source components and embed risk awareness throughout development, according to Cassie Crossley, vice president of supply chain security for the cybersecurity and product security office at Schneider Electric.

Crossley said organizations need to evaluate the security posture of both their internal processes and suppliers. "As software developers, we're not necessarily trained on cybersecurity and that part of the process, which is the secure by design." Secure coding must begin to include protection for containers, build environments and deployment systems, she said.

Crossley ...