CyberScoop reports that the U.S. has been noted by its leading cybersecurity officials to be advancing the adoption of secure by design principles in its bid to revert cybersecurity burdens to tech vendors. Separate sessions tackling reduced software vulnerabilities and consumer cyber burden have already been held by the Cybersecurity and Infrastructure Security Agency with industry partners and open-source community, with the agency looking to further expand outlined secure by design principles, said CISA Senior Technical Adviser Jack Cable at the RSA 2023 Conference. Meanwhile, the Energy Department was touted by Deputy Assistant National Cyber Director Cherri Caddy to have created a complementary initiative to adopt such principles in operational technology. "Small and medium businesses, local school districts, water utilities, local hospitals, are not going to be successful in managing cybersecurity risk alone if they ever get in the crosshairs of a ransomware gang or an APT actor. Those who can bear the burden are held accountable for providing services that are safe and secure by design by default," said CISA Executive Assistant Director Eric Goldstein.