Skip to Main ContentSkip to Footer
Blog

Secureworks Joins CISA Pledge: Our Commitment to Advancing Industry Standards

The CISA Secure by Design pledge is progress worth celebrating, but more industry action is needed

CISA Pledge Blog Blog_4-3-xl
December 18, 2024

As cyber threats grow increasingly sophisticated, the demand for robust and proactive security measures has become critical to safeguarding our digital future. At Secureworks®, we believe this challenge requires not only advanced solutions, but also collective industry action. That’s why we’re proud to announce that our CEO, Wendy Thomas, has signed the CISA Secure by Design pledge. This initiative reflects our unwavering commitment to delivering secure enterprise software and services, while deepening the trust we’ve built with our customers and partners.

Understanding the Urgency Behind the CISA Secure by Design Pledge

The CISA Secure by Design pledge is a collaborative effort aimed at raising the cybersecurity bar across the tech industry. It calls on software manufacturers to voluntarily adopt practices that ensure secure development, deployment, and maintenance of products. The pledge outlines seven actionable goals, ranging from adopting phishing-resistant multi-factor authentication (MFA) to improving transparency through robust vulnerability disclosure policies.

While this pledge is a significant step forward, it’s only the beginning. We applaud the participating companies for rallying around these goals and committing to change, but we believe the stakes are too high for security to remain optional. Real, lasting progress in the cybersecurity landscape demands a move beyond voluntary commitments to shared actionable standards.

Leading by Example: Secureworks’ Progress

Secureworks is ahead of the curve on many of the pledge's goals – and we are continuously working to improve. Below is a summary of our alignment with each of the seven core goals:

  1. Multi-Factor Authentication (MFA)
    • Goal: Broaden MFA adoption across products.
    • Our progress: We already require MFA and are enabling phishing-resistant MFA in the Taegis™ platform.
  2. Default Passwords
    • Goal: Eliminate the use of default passwords.
    • Our progress: We rely on passwordless authentication, or unique passwords, and will continue with this practice as we transition to a new authentication provider.
  3. Reducing Vulnerability Classes
    • Goal: Minimize common vulnerabilities at scale.
    • Our progress: We block releases with critical vulnerabilities and enforce best practices like parameterized SQL queries.
  4. Security Patches
    • Goal: Encourage faster adoption of security patches.
    • Our progress: We provide clear visibility into software versions and will soon add new tools for monitoring patch adoption.
  5. Vulnerability Disclosure Policy (VDP)
    • Goal: Enable public testing and reporting of vulnerabilities.
    • Our progress: We have a mature VDP and recently expanded our public security advisory resources.
  6. Common Vulnerabilities and Exposures (CVEs)
    • Goal: Improve transparency in vulnerability reporting.
    • Our position: While we prioritize direct communication with customers over public CVEs, we ensure vulnerabilities are disclosed transparently and responsibly.
  7. Evidence of Intrusions
    • Goal: Equip customers to detect cybersecurity incidents.
    • Our progress: New authentication logs will soon enable customers to monitor and detect potential abuse against Taegis itself.

Fostering a Culture of Cybersecurity Across Organizations

We are encouraged by current progress, as industry leaders rally around the CISA Secure by Design framework. However, the evolving and unpredictable threat landscape requires more than voluntary efforts. To address the scale and complexity of today’s modern cybersecurity challenges, the Secure by Design framework must be woven into the very fabric of every organization. Clear and measurable progress is critical to ensuring this initiative achieves lasting impact.

At Secureworks, cybersecurity is what we do and who we are. We remain committed to fostering transparency, collaboration, and robust mechanisms that ensure that best practices are more than aspirations – but instead realized and delivered. By aligning with standardized security baselines, we can collectively help build a digital ecosystem that is resilient, trustworthy, and secure.

Looking Ahead: A Shared Responsibility

The CISA Secure by Design pledge is a promising first step and Secureworks is honored to join this initiative. But as we celebrate this move forward, we must also recognize the need for continued collective progress. The future of cybersecurity hinges on transforming good intentions into impactful, tangible actions. We remain committed to doing our part – and calling on others to do the same.

Click here to learn more about Secureworks Taegis and discover why it's the trusted platform of choice for today’s security professionals.

Back to all Blogs

GET THE LATEST SECURITY UPDATES

Thank you for your submission.

Try Taegis Today

Request a demo to see how Taegis can reduce your risk, optimize your existing security investments, and fill your talent gaps.