In the news every day are security incidents and privacy breaches caused by software programming errors, sloppy practices, lack of sufficient testing, and many other engineering-, coding-, and programming-related reasons. This has been progressively getting worse for the past 40, 50 years as technology has been proliferating, along with code, and different programming languages. Case in point: At the root of most Zero Day exploits is unsecure software code, created by programmers and coders who did not create the code to be secure to begin with.

For the past several years the US Cybersecurity and Infrastructure Security Agency (CISA), has published their Top 25 Most Dangerous Software Weaknesses list. When looking at this list, it is clear that most, if not all, are a result of poor coding practices. A lack of secure coding! These software weaknesses are getting worse, not better, as time goes on! Listen to this episode to hear expert, pioneer, current practitioner and thought-leader for software security, Dr. Mich Kabay, discuss many of real-life examples of poor coding that have resulted in problems, incidents and breaches, occurring long ago and up through those that are still occurring today. And, hear how code can be made more secure. We will also go through as many of the CISA top 25 dangerous software weaknesses as time allows to point out the coding errors and problems that made the software weak, unsecure, and dangerous.

All software engineers, programmers and coders do not need to be cybersecurity experts. However, all of them *DO* need to be experts in secure coding and the applicable security and privacy standards involved in the software development life cycle (SDLC).

#SecureCoding #Cybersecurity #Privacy #RiskManagement #Education #MichKabay #ZeroDay #SDLC