In Episode 164 of Cybersecurity Where You Are, Tony Sager sits down with Curt Dukes, EVP and General Manager of Security Best Practices at the Center for Internet Security® (CIS®), and Steve Lipner, Executive Director of SAFECode.org. Together, they explore the evolution of secure software development and why secure by design is critical for reducing risk in today’s complex environments.Here are some highlights from our episode:01:08. Introductions to Curt and Steve04.01. The historical challenge of implementation errors in software security08:41. The emergence of secure by design and the need to measure against specified criteria14:39. The value of artifacts as evidence of secure software development28:52: How the CIS Critical Security Controls® (CIS Controls®) support secure software39:59. The use of community projects to address challenges like secure by designResourcesSecure by Design: A Guide to Assessing Software Security PracticesHow Secure by Design Helps Developers Build Secure SoftwareCIS, SAFECode Launch Secure by Design Guide to Help Developers Meet National Software Security ExpectationsEpisode 107: Continuous Improvement via Secure by DesignSecure by DesignSecure Software Development FrameworkEpisode 63: Building Capability and Integration with SBOMsIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].