Cyber security, with a concentration on defensive practices, processes, and policies, is the theme of this issue of the Software Tech News. Assuring a software system is at minimal risk from intrusions is not only about developing and maintaining software without weaknesses and vulnerabilities in a properly configured environment. Assurance also requires being able to demonstrate that desired properties of the system and its environment hold. Furthermore, a secure system should provide such Information Assurance functionality as confidentiality, integrity, availability, authentication, and non-repudiation.
Cyber security professionals have developed a variety of distinctions, understandings, practices, and policies to support their mission. This issue provides an overview of selected elements of cyber security, with a focus on software issues.