Proactive or Reactive Security? How to shift away from Incident-Driven Design by Barbara Teruggi

Description

Proactive or Reactive Security? How to shift away from Incident-Driven Design by Barbara Teruggi Most systems aren’t intentionally designed to be insecure… They’re designed to ship. When time-to-market sets the pace, systems tend to evolve by reacting to incidents: something breaks, we fix it, and move on. Over time, this becomes incident-driven design when systems aren’t shaped early to avoid facing the consequences of pre-installed weaknesses. This talk focuses on what “Secure by Design” means before code is written. We’ll look at how requirements, planning, and design phases of the SDLC define what can go wrong later, and how small changes at this stage help build security into the design without slowing teams down. By the end of the talk, you’ll leave with practical advice on how to integrate proactive security into system design.