Abstract: Consistently, malicious attacks through unpatched software continues to be one of the leading causes of security breaches year after year. Most attention has been placed on continuous patching to eliminate any security holes in existing software. However, as more devices continue to be connected (i.e., Internet of Things) and entire industries move to a connected environment (e.g. healthcare), closer attention needs to be placed on the development process, specifically implementing secure software development guidelines. In the following paper, we discuss the need for secure coding by first evaluating current data breaches caused by software flaws followed by a history of secure coding. This is followed by a discussion options available to developers for implementing secure coding. We finish by providing general recommendations for incorporating secure coding into current practices that could be adapted for both an organizational environment and higher education.
Keywords: software development, secure coding, development life-cycle, developer
Download this article: JISAR - V9 N1 Page 38.pdf
Recommended Citation: Grover, M., Cummings, J., Janicki, T. (2016). Moving Beyond Coding: Why Secure Coding Should be Implemented . Journal of Information Systems Applied Research, 9(1) pp 38-46. http://jisar.org/2016-9/ ISSN: 1946-1836. (A preliminary version appears in The Proceedings of CONISAR 2015)