Abstract

Modern product development environments generate large volumes of security-relevant data across design, development, testing, deployment, and cloud operations. Traditional security practices often fail to leverage this data effectively, resulting in fragmented visibility and delayed responses to emerging threats. This study examines how data-driven analytics can strengthen cyber risk decision-making throughout the product development lifecycle. Using publicly available vulnerability datasets and cloud telemetry as representative data sources, the study evaluates how predictive modeling, statistical analysis, and anomaly detection help identify risks earlier, improve prioritization, and enhance monitoring of dynamic cloud systems. Drawing on Technological Frames Theory, the study also analyzes how stakeholder interpretations influence the adoption and integration of analytics tools. The results show that analytics improves the detection of architectural weaknesses, highlights vulnerability patterns in development artifacts, and provides insight into configuration drift and anomalous access behavior in cloud environments. The study concludes that data-driven approaches offer meaningful advantages for lifecycle-wide cybersecurity, but their effectiveness depends on data quality, cross-team alignment, and shared understanding of the role of analytics. These findings underscore the need for organizations to embed analytics into each development stage and cultivate consistent interpretive frameworks to support secure-by-design practices.