Build products to be cyber resilient

Here is how you unlock and create balance between cybersecurity and market success

That is what hacking really is … it is the craft of manipulating a device (hardware or software) to enable it to do something else. This might mean letting an Xbox become a favorite media player (the original and only true all-in-one device, built by hackers), or allowing someone to install something on your computer, or turn your lights on and off timed to their favorite song.

Cybersecurity is a product development requirement

Similar to every requirement (not a feature), cybersecurity ensures the device has the basics. These are woven in at the product creation moment. Developers work with subject matter experts including networking, base system, api, and hardware interfaces. Here is where the developer magic unfolds. The merging of all these components creates the product you and I love.

Products that are cyber resilient, are exceptional

I have had the privilege to build products for consumers to businesses, both hardware and software. These products represents 100s of millions of dollars in development and nearly a billion dollars in market value. When we make products there is a line that we must always balance.

Being Perfect is more deadly then any hacker

Releasing a product that allows us to iterate, learn from the market, and ensure our product sees the light of day demands us to release imperfect products. We always want to do more. We always want to add more features. We, the creators, always want you to have our best ideas in your hands.

  • The market has moved on while they were making perfect
  • They built something that consumers actually didn’t value
  • They packed so much cost into the product, they eclipsed the monetary appetite of the business/consumer

Cyber resilient is that balance

As you develop your product, iterations must happen. You must and can include cybersecurity into every product out of the gate. Even the most simple iterations and Minimum viable product (MVP) versions. The capability is the result of …

  1. Embedding cybersecurity requirements at the beginning
  2. Cybersecurity professionals support engineering before code is every locked in place
  3. Automation and clean programming libraries are managed and made available
  4. Rapid, < 1 hr from code being written, feedback of identified errors to engineering
  5. Minimizing attack surfaces through careful input/output controls — achieved in the design stage and validated throughout the creation cycle

Don’t be a zealot

We all work for the same company. It is our opportunity to share what we love, our craft, our passions with each other. We can do this together and carry the load as a team. To arrive at the ship date and demand changes is not only conflicting with this concept, it also is highly likely to cast doubt on your work.

If this was valuable, please comment and share

As usual, if you liked this article, please support me by clicking LIKE and share it with your own feed! This is the best possible way that you can support me and my pursuit to share my insights, ideas, and research. If anyone has anything to add or comment on in this article, please feel free to share it with everyone below in the comments section! Learn more about me at my homepage at www.jamesdeluccia.com, LinkedIn, follow me on Twitter @jdeluccia, listen on my podcast ‘Our Best Self, and Alexa skill briefings in the coming weeks!

About Me

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
James DeLuccia

James DeLuccia

Technologist, Researcher, Artist, Executive, Father, Author, Inventor, Speaker, and CrossFit...