
Software Development Practices Help Enterprises Tackle Real-Life Risks

  • What: Organizations are adopting secure-by-design practices to manage real-life risks
  • Impact: Broader cybersecurity responsibility across enterprise roles

Software Development Practices Help Enterprises Tackle Real-Life Risks

Organizations can borrow secure-by-design processes to manage non-technical challenges like governance or the inevitable human error.

Arielle Waldman, Features Writer, Dark Reading
March 5, 2026

Cybersecurity is no longer isolated to the security operations center (SOC), as threats trickle in from new hires, poor governance policies, or vulnerable third-party vendors. What was once assigned as an SOC responsibility now extends to roles across the organization, from Human Resources and accountants to front desk personnel. The line between what is or isn't considered a security issue also continues to blur as technology inundates business operations.

However, security frameworks like the Software Development Life Cycle (SDLC), which defines specific plans to integrate security from the beginning, can still be applied to what normally appears to be a non-security issue. Following the SDLC, organizations can break down complex projects into five simple categories: plan, design, develop, deploy, and maintain, explains Mathew Everman, director of information security at the Center for Internet Security. This will facilitate embedding security into the company culture.

Everman will dive into the concept during an RSAC conference session in San Francisco this month to help "break down the walls" of people trying to fit into security or governance boxes, a problem he experienced personally.

Dangerous Curve Ahead

Everman developed the concept after observing the talent acquisition process. While it's commonly managed by HR, other teams are involved, such as IT, governance, and legal. New hires and former employees can introduce security risks into the environment. For example, in 2024 KnowBe4 accidentally hired a North Korean threat actor as a software engineer who appeared to have a legitimate background check.

Risks aren't confined to the onboarding process. When organizations terminate employees, they often forget to revoke access, leaving accounts wide open for attackers to secretly seize.

In the talent-acquisition use case, Everman broke down the process into categories that aligned with the usual hiring workflow – including job description, job posting, interview, onboarding, employment, and off-boarding. To address threats similar to the one KnowBe4 experienced, he suggests doing a threat profile so companies can determine "how dangerous is this role to my organization if I fill it with the wrong person," he says.

Talent acquisition processes can also follow security teams' threat monitoring approach to reduce risks. At previous companies, Everman added home IP addresses to the VPN block list following employees' exits. While the block list could be easy to bypass, organizations may not want that employee coming back on, especially if they are disgruntled.

Security culture training is another main component of the talent acquisition process. Everman recommends that organizations gather open-source intelligence once someone is onboarded, monitoring their social media and online activity to verify whether their idea of acceptable risk or compliance aligns with the company's. A new hire may show off their fresh ID and announce on social media that they scored a new job. To some people, that just comes across as excitement. But to Everman and his red team, that's an opportunity to steal the photo ID and do some damage. Like other seemingly non-security related issues, it may seem innocuous, but "there is a danger there," he says.

"Now more than ever, security and governance teams are spread," Everman says. "Business hasn't changed but emerging tech like AI is moving so quickly, implementation for things moves so quickly. Things that we used to be able to have a reactive approach for may not be in the best interest now."

'It's a Weird Way to Think of Things'

The way organizations view threats is also shifting. People jump to security when they think of a threat or cyber incident, but it's a "weird way to think of things," reveals Everman. Cybersecurity threats aren't the only risks draining enterprise time and money, he adds.

A threat could constitute something that compromises a company's reputation, or it could be a privacy threat. Approving a vendor and then deploying the new tool without performing all the checks and balances could slow down an enterprise or hurt cybersecurity professionals if they don't catch a problem before it reaches production. The more integrated privacy policies, risk appetite, and cybersecurity are in these enterprise processes, and the earlier, "the better the chance you'll be able to be confident that you're putting something that is secure out into the world," Everman says.

Stop Butting Heads

Everman implemented the approach internally. It's led to better conversations than ever with teams, he says. Conversations have expanded beyond just IT teams to project management teams as well, because it's important to be included in those talks early on, he adds.

"We're integrating our security components into their planning phases, so they slot things in where they're supposed to go," he says. "Who we're talking to is changing the most. We're talking to major decision makers and those conversations that used to be for the CISO."

The Center for Internet Security must be on the edge of whatever is coming out at any given time, he says; to provide that, teams need to be as integrated into those processes as they can. Even teams Everman and his team used to "butt heads with" are more open to integrating when approached with a plan — even developers, who have a reputation for clashing with security.

"We're trying to fit into their workflow," he says. "If I fit seamlessly into your workflow because I know what it is, you won't see me as friction anymore."

About the Author

Arielle Waldman, Features Writer, Dark Reading

Arielle spent the last decade working as a reporter, transitioning from human interest stories to covering all things cybersecurity related in 2020. Now, as a features writer for Dark Reading, she delves into the security problems enterprises face daily, hoping to provide context and actionable steps. She looks for stories that go past the initial news to understand where the industry is going. She previously lived in Florida where she wrote for the Tampa Bay Times before returning to Boston where her cybersecurity career took off at SearchSecurity. When she's not writing about cybersecurity, she pursues personal projects that include a mystery novel and poetry collection.
