This document discusses cyber security and defense. It is authored by Gary McGraw, Chief Technology Officer of Cigital, a leading software security consulting firm. The document summarizes that effective cyber defense requires a proactive approach through secure software engineering practices rather than reactive approaches like cyber offense. It advocates focusing on improving security by "building security in" from the start rather than exploiting existing vulnerabilities.