It was ever thus (security edition)

GCN at 25

Earlier this year at the RSA conference in San Francisco, RSA's Art Cuviello, Microsoft's Bill Gates and others drew attention by talking about the importance of building security into software rather than tacking on stand-alone tools afterward. As GCN's Cybereye columnist William Jackson pointed out at the time (, it wasn't a new idea; he noted that SANS Institute research director Alan Paller has been saying the same thing for years.

GCN 25th anniversary logoA gander at the June 1984 edition of GCN takes the idea back even further. Melville Klein, then the director of the Defense Department's Computer Security Center, was quoted on the front page, saying, 'We want the word to get out to vendors that built-in security is essential.' He continued, with phrases that would seem at home at any security conference today, 23 years later. 'Security can't be built on,' Klein said. 'If you want true multilevel security it must be built in.' This was in the pre-Web days, and Klein said his primary worry was the KGB. But the idea is the same. If there's reason for hope, perhaps it's that, this time, it's the vendors themselves saying it.


  • automated processes (Nikolay Klimenko/

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected