U.S. government agencies are undergoing tremendous change in the area of secure software development maturity. A key benefit of the change is the reduction in time to achieve Authority to Operate (ATO) for software applications. Ensuring software is constructed with security in mind from the very beginning of the software development process reduces the risk of a breach and streamlines ATO attainment. Secure software development does not negate the need for risk assessment and management. Instead, it clarifies threats and mitigation options much earlier in the software development process.

There are a few relevant pieces of evidence that support the notion that secure software development is a U.S. federal government priority.