Software Security Assurance: Keeping Your Security Program on the Rails
- Bruce Jenkins, Program Manager, HP
- Tuesday, August 26th, 12:30pm - 1:15pm
In working with dozens of organizations across all industries, a common theme has emerged as it relates to effective implementation of software security assurance programs: they generally are not effective. In fact, in numerous cases, programs are often shelved outright after several years of multiple implementation attempts. An obvious downside of this failure is a lack of return on security technology investments. The reasons for failure vary, but it often comes down to an absence of management commitment, a lack of focus, or simply insufficient awareness and education amongst stakeholders. This presentation explores why programs do not get off the ground or flounder after launch, and what can and should be done to prevent or correct those situations. Developers, project leads, architects and information security managers will benefit from discussions about the key elements to effective security program implementation.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Lunch & Learn: Short presentations given during the lunch break.