Prioritizing Information Security: Analysis of Software Development Life Cycle Methodologies Using the NIST Cybersecurity Framework
Authors: Balocon Owen Harvey
Discipline
IT & management
Abstract
Information security has become a critical concern for companies seeking to protect data, customer information, and other sensitive assets. In addition to safeguarding data, software development now faces growing threats from hackers and malicious actors in the IT field. The challenge extends beyond ensuring the final product can withstand attacks—it also involves securing the software throughout the development process. This study drew upon existing research and literature to develop its framework and insights. Sources were obtained from reputable, indexed journals. Studies related to the software development lifecycle and the NIST Cybersecurity Framework were carefully analyzed to inform the research and achieve the study’s final objectives. The study revealed how each Software Development Life Cycle (SDLC) model can incorporate the five phases of the NIST Cybersecurity Framework. During the initiation phase, all models follow a similar process for data gathering and consideration of information, data, and security requirements. The primary difference lies in how each model maintains this information and transfers it to subsequent phases. Based on the study's findings, it is recommended that future researchers examine other Software Development Life Cycles (SDLCs), such as Iterative Waterfall, Agile Scrum, and emerging models, to explore the integration of information security and its benefits for the development process. Additionally, it is recommended that existing SDLCs incorporate new phases addressing data transition, storage, archival, and disposal to align with the final phase of the NIST framework. These recommendations can help project managers better understand the importance of information security and its advantages in terms of project development and organizational economic efficiency.
Keywords
cybersecurity, information security, software development life cycle, waterfall, rapid application development model, v-model, spiral model, agile model, national institute of standards and
How to Cite
Use the format below when citing articles from this publication.
APA 7th Edition
Balocon, O. H. (2025). Prioritizing Information Security: Analysis of Software Development Life Cycle Methodologies Using the NIST Cybersecurity Framework. Ascendens Asia Journal of Multidisciplinary Research Conference Proceedings, 9(1). Retrieved from https://ascendens.asia/AAJMRCP/9/1/201
Ascendens Asia Journal of Multidisciplinary Research Conference Proceedings (AAJMRCP)
The Ascendens Asia Journal of Multidisciplinary Research Conference Proceedings (AAJMRCP) is a collection of abstracts of research papers presented during Multidisciplinary Research Fests (MRFs), Joint Multidisciplinary Research Conferences (JMRCs), and Joint Multidisciplinary Conferences Plus (JRMCs+) mainly organised by Ascendens Asia Singapore in collaboration with various institutions and learned societies.
Volumes
9 volumes
Issues
1 issue
ISSN
2529-7902
Publisher
Ascendens Asia Publishing Pte. Ltd.