Embracing ‘Secure by Design’: A Fundamental Shift in Cybersecurity Development
Jim Richberg Champions ‘Secure by Design’ as Cornerstone of Cybersecurity
In an era where cyber threats loom larger than ever, Jim Richberg, Global Field CISO at Fortinet, emphasizes the urgent need for a foundational approach to product development known as "Secure by Design." This essential philosophy ensures that security is integrated into the very fabric of design and development processes, rather than being tacked on as an afterthought.
"Enhancing cyber-resilience is a shared responsibility," Richberg stated, highlighting the pivotal role of technology vendors in safeguarding our digital landscape. As organizations of all sizes rapidly adopt new technologies, it becomes paramount that vendors prioritize security in their offerings.
The concept of Secure by Design gained traction after the Cybersecurity and Infrastructure Security Agency (CISA) introduced the Secure by Design Pledge. Launched in May 2024, the pledge aims to shift the cybersecurity burden from individual consumers and small businesses to larger organizations capable of reducing risks effectively. Since its inception, the number of signatory companies has surged from 68 to over 250, marking a notable industry shift toward stronger cybersecurity commitments.
Richberg, who played a crucial role in developing this pledge, was recently honored with the Institute for Security and Technology’s 2025 Cyber Policy Award for his efforts. He explains that the pledge serves as an "on-ramp" for technology vendors, providing a flexible framework to enhance product security while offering buyers a clear understanding of the cybersecurity protocols their vendors adhere to.
As the cybersecurity landscape continues to evolve, Richberg advocates for ongoing commitment to Secure by Design. "We must ensure our industry embraces this approach," he asserts, "to build a safer and more resilient digital future for everyone."