A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


How to Transform Developers into Security People - Chris Romeo Converge 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

How to Transform Developers into Security People
Chris Romeo
@edgeroute

Developers should be the first line of security defense, but in most organizations they are not. When developers hear security, they respond as either unlearned, overworked, apathetic, or excited. This session explores why developers reject security and provides a programmatic approach to answer the challenges. The session begins by exploring why security is a stretch for developers. Next, four responses to security are explored. Fictional back stories connect with the audience and allow them to understand each response. Then the foundation of the programmatic platform for change is explained, followed by specific guidance on how to reach and position security as important to each type. A short discussion about measuring transformation is included, and the conclusion is a set of secrets to reaching developers.

Chris Romeo is CEO and co-founder of Security Journey. His passion is to bring security belt programs to all organizations, large and small. He was the Chief Security Advocate at Cisco Systems for five years, where he guided Cisco’s Security Advocates, empowering engineers to "build security in" to all products at Cisco. He led the creation of Cisco’s internal, end-to-end security belt program launched in 2012. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP.

Back to Converge 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast