BeyondTrust Reinforces Commitment to a Safer More Transparent Digital World by Signing CISA’s Secure by Design Pledge

Atlanta, GA – October 24, 2024 – BeyondTrust, the global cybersecurity leader protecting Paths to Privilege™, today announced its latest milestone in efforts to work with the US Federal Government to help achieve a safer and more transparent digital world by signing the Cybersecurity and Infrastructure Security Agency (CISA)’s Secure by Design pledge. This collaboration aligns BeyondTrust with other industry leaders to build safer, more transparent technology products. Committed to demonstrating measurable progress, BeyondTrust will actively report its advancements toward the pledge’s goals.

Security by Design integrates security and compliance at every phase of product development, from conception to deployment. This proactive approach minimizes potential vulnerabilities and ensures that products are designed with user safety in mind, helping organizations prevent cyberattacks before they happen.

By signing CISA’s Secure by Design pledge, BeyondTrust solidifies its dedication to the US Federal Government’s cybersecurity objectives. This commitment, in tandem with initiatives like Zero Trust and FedRAMP, enables BeyondTrust to help secure federal systems, ensuring technology products meet stringent security standards. BeyondTrust’s pledge aligns with the government’s efforts to shift cybersecurity responsibility to technology providers, further protecting critical national infrastructure.

A recent report revealed that 75% of third-party breaches target the software and technology supply chain​. CISA, the NSA, FBI, and international partners are urging technology providers to take more responsibility for their products' security. BeyondTrust’s participation in the Secure by Design pledge addresses these concerns by ensuring secure products out of the box, relieving end-users from managing their own security. BeyondTrust’s Secure by Design approach shifts the responsibility of cybersecurity from the end-user to the technology provider, ensuring that products are secure from the moment they are deployed.

BeyondTrust’s commitment aligns with CISA’s seven key security principles, including:

1. Multi-factor Authentication (MFA): Expanding MFA to safeguard against password-based attacks.

2. Elimination of Default Passwords: Reducing reliance on default passwords to prevent unauthorized access.

3. Reducing Classes of Vulnerabilities: Proactively addressing entire classes of vulnerabilities to improve security.

4. Timely Security Patches: Ensuring patches are quickly deployed to address known vulnerabilities.

5. Vulnerability Disclosure Policy (VDP): Allowing public testing and transparent reporting of vulnerabilities.

6. Management of CVEs: Ensuring timely and accurate reporting of Common Vulnerabilities and Exposures (CVEs).

7. Evidence of Intrusions: Increasing the transparency of cybersecurity incidents and breaches.

“BeyondTrust has been partnering with the US Federal Government since our founding in 1985 to ensure secure access to data and systems,” said Sara Hobson, Senior Vice President, US Public Sector at BeyondTrust. “As cyber threats evolve, we remain committed to delivering secure technology to our customers, meeting all cybersecurity and Zero Trust requirements. We are proud to take the Secure by Design pledge and look forward to a continued partnership.”

Learn more about the Secure by Design Pledge and BeyondTrust’s commitment to a safer digital future by visiting CISA’s Secure by Design page.