Prioritizing Information Security: Analysis of Software Development Life Cycle Methodologies Using the NIST Cybersecurity Framework

Authors: Balocon Owen Harvey

Discipline

IT & management

Abstract

Information security has become a critical concern for companies seeking to protect data, customer information, and other sensitive assets. In addition to safeguarding data, software development now faces growing threats from hackers and malicious actors in the IT field. The challenge extends beyond ensuring the final product can withstand attacks—it also involves securing the software throughout the development process. This study drew upon existing research and literature to develop its framework and insights. Sources were obtained from reputable, indexed journals. Studies related to the software development lifecycle and the NIST Cybersecurity Framework were carefully analyzed to inform the research and achieve the study’s final objectives. The study revealed how each Software Development Life Cycle (SDLC) model can incorporate the five phases of the NIST Cybersecurity Framework. During the initiation phase, all models follow a similar process for data gathering and consideration of information, data, and security requirements. The primary difference lies in how each model maintains this information and transfers it to subsequent phases. Based on the study's findings, it is recommended that future researchers examine other Software Development Life Cycles (SDLCs), such as Iterative Waterfall, Agile Scrum, and emerging models, to explore the integration of information security and its benefits for the development process. Additionally, it is recommended that existing SDLCs incorporate new phases addressing data transition, storage, archival, and disposal to align with the final phase of the NIST framework. These recommendations can help project managers better understand the importance of information security and its advantages in terms of project development and organizational economic efficiency.

Keywords

cybersecurity, information security, software development life cycle, waterfall, rapid application development model, v-model, spiral model, agile model, national institute of standards and

How to Cite

Use the format below when citing articles from this publication.

APA 7th Edition

Balocon, O. H. (2025). Prioritizing Information Security: Analysis of Software Development Life Cycle Methodologies Using the NIST Cybersecurity Framework. Ascendens Asia Journal of Multidisciplinary Research Conference Proceedings, 9(1). Retrieved from https://ascendens.asia/AAJMRCP/9/1/201

Ascendens Asia Journal of Multidisciplinary Research Conference Proceedings (AAJMRCP)

The Ascendens Asia Journal of Multidisciplinary Research Conference Proceedings (AAJMRCP) is a collection of abstracts of research papers presented during Multidisciplinary Research Fests (MRFs), Joint Multidisciplinary Research Conferences (JMRCs), and Joint Multidisciplinary Conferences Plus (JRMCs+) mainly organised by Ascendens Asia Singapore in collaboration with various institutions and learned societies.

Volumes

9 volumes

Issues

1 issue

ISSN

2529-7902

Publisher

Ascendens Asia Publishing Pte. Ltd.