Secure-by-Design is the latest initiative on everyone’s lips, and the Australian government, collaborating with CISA at the highest levels of global governance, is guiding a higher standard of software quality and security from vendors.

A significant uptick in software security will require a groundswell of support for security skill-building and, when it comes to developers, an emphasis on continuous learning around secure coding best practices. It is refreshing to witness a new chapter for the industry, in which global governments are leading by example and providing appropriate guidance to mitigate insidious, code-level vulnerabilities.

The Australian Women in Security Network (AWSN) has worked tirelessly to promote more women in cybersecurity roles in Australia. We, along with Commonwealth Bank (CBA), recently held a secure coding tournament for security-savvy developers and professionals to showcase their skills in a friendly, competitive environment.

This July 17 event was well-attended by incredible women representing multiple verticals, and it’s safe to say that their contributions will assist in shaping Australia as one of the most cyber-safe nations in the world by 2030.

Endorsement for a more secure future

We were fortunate to have Lt. Gen. Michelle McGuiness, Australia’s Cyber Security Coordinator, supporting the joint AWSN/CBA/SCW tournament event. Speaking directly to Australia’s Six Cyber Shields initiatives and endorsing Secure-by-Design principles, her words resonated with the room of dedicated cyber professionals committed to positive changes and higher standards of software design and execution:

‍

‍

“We want to enlist the whole country in tackling [cybersecurity] challenges, and that includes making sure we build a strong and diverse and, of course, inclusive, welcoming cyber workforce.

Our strategy is built around six cyber shields that help protect our businesses, our organizations, and our citizens. Perhaps most pertinent to today's event is our work under the strategy that focuses on secure by design and secure by default. We should have every confidence that we won't be exposed to unnecessary risks when we buy digital devices or software.

And, of course, industry has a great role to play in helping us foster, grow and support these pathways for the benefit of their company, the benefit of our economy … and the security of our nation … I commend Secure Code Warrior and CBA as well as … AWSN for their leadership in bringing together today's event.”

What happens when you code like a girl?

Something incredible has always stood out to me whenever we have large-scale tournament events like this one. Typically, they involve tens of thousands of developers, and as is the statistical case industry-wide, quite a small percentage of the participants are female.

However, a female participant often ends up on the winners’ podium and shares the prize pool. I believe this speaks volumes for the inclusion of women in traditionally male-dominated spaces. Not only do they belong, but they can excel and be an aspirational force within their teams.

The competition was fierce in this event, and our overall winners, Bella Howard and Shanelle Haire, clearly have a bright future at the forefront of developer-driven security practices. They said of their win:

“We are thrilled about the win! Working as a pair was instrumental to our success—we believe our diverse skills and experiences complemented each other perfectly.

We also want to acknowledge that everyone performed exceptionally well. We are truly honored to have won and thoroughly enjoyed the event. We look forward to seeing you at the next one!”

Let’s get to know them a little better:

‍

• How long have you been working on your secure coding skills?

We both pursued dual degrees in IT, where our secure coding skills began to take shape. Bella developed a keen interest in cybersecurity, and we both attended events and workshops to expand our knowledge of the security field.

Through our employment, we have had the opportunity to utilize Secure Code Warrior, which has been instrumental in our development. Bella's focus on secure coding practices enhances her knowledge as a Security Analyst, while Shanelle's role as a Software Engineer demands a secure mindset, making secure coding an essential part of her responsibilities.

• Do you have any tips for women in STEM who are starting their secure coding careers?

We can highly recommend participating in security communities and learning from those already in the field. Joining female-led communities is also a fantastic way to gain support from women who have been in your shoes and can offer valuable guidance and encouragement.

Attend events like the Secure Coding Tournament and other industry-related workshops to learn and network while having fun. Seek out mentors who can guide you through your career and provide valuable insights. Don't wait until you feel like you know everything before you start—hands-on experience is the best way to learn.

• What is one thing you would do to promote the importance of cybersecurity best practices?

It's crucial to emphasize that security is everyone's responsibility. For effective in-depth security, all individuals working across the technology stack, as well as all users of technology, need to be aware of and adhere to security best practices. By fostering a culture where security is seen as a collective responsibility, we can better protect our systems and data.‍

‍

We thank all participants and look forward to partnering with AWSN on future projects.

‍