Ivanti CEO pledges new era for cybersecurity

What they're saying: "Ivanti is looking to set a new bar for the industry as the rapidly increasing sophistication of threat actors has pressed the network security space to rethink everything," Abbott told Axios exclusively in a statement.

• "The path we've outlined sets a course not just for Ivanti, but for everyone who is facing this new era of security."

Zoom in: As part of the commitments, Ivanti is revamping its engineering, security and vulnerability management practices to make sure current products are fully secured.

• The company is also implementing new "secure-by-design" principles into its production cycle, such as running security tests to ensure that products are protected from cyber threats from the beginning.
• As part of its vulnerability management program, Ivanti is now running more thorough internal scans for bugs and providing "increased incentives" as part of its bug reporting program, per the letter.
• Ivanti is also creating a new customer advisory board that will ensure the company is prioritizing security in the ways its customers would like to see. Details about this board will be released in the "coming weeks," per the letter.

The big picture: Major cyberattacks often prompt companies to revisit their internal security practices.

• Microsoft recently unveiled a new cybersecurity strategy after a series of nation-state cyberattacks targeting the company.

Between the lines: Ivanti's new commitments also model the strategies that federal officials have been pushing more companies and critical infrastructure operators to pursue.

• CISA has spent the last few years championing "secure-by-design" principles.
• The Biden administration is also examining ways to hold companies liable for insecure design choices in their products.