A group of U.S. and U.K. security experts has launched an action plan against cyberthreats.
The roadmap, launched on Wednesday at Infosecurity 2009 in London, was formulated by security specialists from organizations including the U.S. Department of Homeland Security and the U.K. Ministry of Defence, and is designed to promote secure systems design.
The Cyber Security Knowledge Transfer Network (KTN), a U.K. government-funded organization that liaises between agencies around the world, co-ordinated the formulation of the roadmap.
”Building in information security, privacy and assurance--a high-level Roadmap” was written by Nigel Jones, director of KTN, who told ZDNet Asia's sister site ZDNet UK on Wednesday that parts of the plan will be taken forward by the United Kingdom's Center for the Protection of National Infrastructure (CPNI).
"We're trying to break down barriers as to why we are not designing in information assurance as we should," said Jones. "We describe a vision of built-in security and privacy by design."
The purpose of the initiative is to enable the development and procurement of resilient software and systems, where security and privacy requirements are defined at the beginning of a project and assured throughout the project lifespan, according to the roadmap.
The high-level action plan calls for co-ordinated action in developing business models that encourage secure engineering and facilitate the writing of secure code through technical means.
Jones said some commonly used programming languages, such as C, actively encourage developers to write insecure applications, because C was originally designed to enable interoperability between applications rather than as a secure coding language.
Jones added that organizations could change their business models to employ independent software architects to build applications that perform business functions, while maintaining security.
In the United Kingdom, responsibility for promoting secure software development will rest with the CPNI and the Technology Strategy Board, a government-sponsored organization that seeks to encourage innovation in technology.
The KTN has been involved in various knowledge-sharing initiatives, including looking at how artificial intelligence techniques can boost digital forensics.