US government plans to boost software security by design were analyzed during the RSA Conference 2024. During the event, Bob Lord, a senior technical advisor at the US Cybersecurity and Infrastructure Security Agency (CISA), said it was imperative to overcome accepted norms in regard to software security – that the security burden is placed on the end user, who are least able to understand the threat landscape, protect themselves, and respond to incidents.
Source: Infosecurity