Moving cybersecurity upstream to achieve resilience

Executive Summary: Integrating cybersecurity measures from the outset of software development is essential. Experts agree that this proactive approach enhances organizational resilience against cyber threats.​

This article:

  • Advocates for integrating cybersecurity measures early in software development.​
  • Highlights the consensus among experts on proactive security approaches.​
  • Suggests that early integration leads to stronger organizational resilience.

Introduction

The traditional approach to cybersecurity—often tacked on as an afterthought—needs a serious overhaul. This was the consensus in the recent MN-ISSA sponsored fireside chat titled “Moving Cybersecurity Upstream to Achieve Resilience,” where industry experts gathered to explore the integration of security measures right from the early stages of software development and strategic planning.

Held at Metro State University, the session opened with remarks from Paul Veeneman, who set the stage for a deep dive into how application security and proactive cybersecurity protocols can align with overarching resilience strategies. Experts Clea Ostendorf from Wolfpack Security and Sean Costigan from Red Sift shared their insights, emphasizing the necessity to embed security into the software development lifecycle (SDLC) and adopt reasonable proactive measures to expand organizations’ distance from cyber threats.

Watch the full recording: 

The urgent need for a “shift left” approach

Moderated by experts in the field, the panel discussed the past and current paradigms of cybersecurity. Clea pointed out the critical need for a shift-left approach, integrating security earlier in the SDLC through engineering buy-in and alignment. Meanwhile, Sean highlighted the importance of moving cybersecurity practices upstream to not just react to threats but proactively prepare for them while raising costs on attackers.

The discussion identified common obstacles, such as integrating DevSecOps into continuous integration and continuous deployment (CI/CD) pipelines, where tooling and cultural resistance often play significant roles. Sean discussed how organizations could transform cybersecurity into a strategic advantage rather than seeing it as a cost center.

This includes the need for organizations to identify and address “technical debt” in their systems, such as legacy code, outdated protocols, and insecure configurations that often leave organizations vulnerable. This debt, as Sean described, acts as a silent enabler for cybercriminals, who exploit these weaknesses to compromise systems. Cleo also noted the importance of proactive measures and good cyber hygiene, “it’s never a zero-day that takes down organizations, it’s bad hygiene”, with the unheralded often not talked about. 

For example, the Library of Congress in the U.S. prevented a breach thanks to multifactor authentication, while Blackberry’s threat and detection team halted an infamous Russia FIN7 threat group from launching a ransomware attack.

Security, resiliency, and recovery: A triad for the future

The conversation progressed to how security measures are intrinsically linked to organizational resilience and recovery capabilities. Clea suggested strategies for designing secure systems that minimize vulnerabilities and support faster recovery, such as:

  • Incorporating threat modeling and secure architecture reviews into project lifecycles
  • Leveraging AI-driven tools and automated feedback loops to connect security incidents with development processes

These measures can help organizations quickly identify and mitigate weaknesses, even in the event of a breach.

Sean highlighted the need to understand cybersecurity resilience throughout the organization, providing examples of how proactive security measures have bolstered resilience in critical infrastructure sectors, such as water systems and transportation, and the need to align with security business goals, while further remaining compliant with new regulations like the Digital Operational Resilience Act (DORA).

Audience engagement peaked during the discussion on practical takeaways, including the use of AI and automated tools for cybersecurity, plus the creation of feedback loops between security incidents and development processes. Clea and Sean spoke on the impact of these strategies in real-world settings. The evolution of cybersecurity to empower change.

Looking to the future, the panel speculated on the next evolution of upstream cybersecurity, emphasizing the potential role of AI and machine learning. These technologies can:

  • Prioritize risks more effectively
  • Enhance security testing
  • Enable more active threat detection

Clea underscored the role of security leaders in “painting the picture” of potential risks and mitigation strategies, while Sean stressed the need for bespoke cybersecurity alignment within enterprise risk frameworks. He urged organizations to move beyond compliance and adopt proactive measures, such as robust asset management and routine auditing of exposed APIs and certificates.

The panel also addressed the looming challenges posed by quantum computing, which could render traditional encryption methods obsolete. Clea and Sean urged attendees to stay ahead of this emerging threat by exploring post-quantum cryptography standards and preparing for a future where data security will require entirely new protocols.

The session concluded with key calls to action, urging attendees to:

  1. Evaluate and integrate upstream cybersecurity principles into their operations
  2. Address technical debt and legacy vulnerabilities
  3. Adopt proactive measures to enhance resilience and recovery capabilities
  4. Leverage AI and automation to streamline security processes
  5. Prepare for quantum computing by exploring next-generation encryption standards

By rethinking and realigning their cybersecurity strategies, organizations can build a more resilient future and stay ahead of emerging threats. At Red Sift we are here to help, connect with our team today.

PUBLISHED BY

Sean Costigan

30 Jan. 2025

SHARE ARTICLE:

Recent Posts

VIEW ALL
DMARC

400,000 DMARC boost after Microsoft’s high-volume sender update

Jack Lilley

Microsoft’s decision to join Google and Yahoo in enforcing stricter rules for high-volume senders has triggered an immediate response across the internet. In the last 30 days alone, 406,042 new domains have deployed Domain‑based Message Authentication, Reporting & Conformance (DMARC), pushing the global total to 10.9 million. While not all domains will be exclusive Outlook users,…

Read more
DMARC

Red Sift partners with Gradian to strengthen email security through OnDMARC

Jack Lilley

Today Red Sift launches a new partnership with Gradian, a leading data protection provider, to offer its award-winning applications, including Red Sift OnDMARC, to new and existing customers. Established through Red Sift’s relationship with UK distributor E92plus, the two companies look to strengthen defences against phishing and Business Email Compromise (BEC) attacks. Allowing organisations…

Read more
Cybersecurity

DMARCbis: What are the changes and how to be ready

Jack Lilley

Executive Summary: DMARCbis, also known as DMARC 2.0, is the forthcoming update to the DMARC email authentication protocol, designed to address limitations and ambiguities in the original standard, with an expectation to be finalized and published in 2025. The update introduces clearer guidelines, a new method for determining organizational domains, and streamlined record management.…

Read more
Certificates

TLS certificates are changing: What you need to know

Jack Lilley

Executive summary: TLS certificates are about to get significantly shorter-lived. Starting 15 March 2026, newly issued public-trust certificates will max out at 200 days—and just three years later, that lifespan drops to 47 days. Backed by Google, Apple, and Mozilla, this shift aims to make the web safer through fresher data, faster failover, and…

Read more