From the Desk of the Cyber Committee, August 2025
Every 11 seconds, a ransomware attack occurs, crippling businesses, delaying critical medical procedures and even threatening national security. Despite decades of advancements in technology, software systems remain shockingly vulnerable. Recently, AFCEA International’s Cyber Committee conducted an analysis of the successes and failures that have led to the current situation—with the successes offering insight into the necessary approach for fixing the problem and the failures identifying actions that must accompany any such effort.
The committee documented its analysis in a white paper titled “Secure by Design—Next Steps.” They traced the history of efforts to develop secure software starting in the 1970s, including the formation of the National Computer Security Center (NCSC) at the National Security Agency, which established a formal certification process for software systems. The committee noted the weaknesses of these early efforts, which subsequently resulted in significantly decreased attention to security in software for decades following the disestablishment of the NCSC.
The committee’s research led to the development of four recommendations:
- Establish an initial, prioritized and measurable standard for software development principles and processes
- Require demonstrated proof of compliance with the initial standard through objective, measurable test results.
- Motivate adoption of the initial standard by encouraging customers, including government organizations, to require demonstration of adherence to the standard prior to purchasing software products.
- Provide safe harbor indemnity for compliance with the initial standard.
The most effective and rapid pathway to change the industry is for the software industry to take the lead in defining an initial standard for reasonableness regarding software development, the authors wrote. The committee sees it as a necessary first step in the journey toward secure software systems.
Each month, SIGNAL Magazine publishes a feature in the Committee Corner to highlight news you can us from AFCEA’s committees. Committee leaders should submit entries to Sandra Jontz.
Comments