ISMG’s Virtual Roundtables focus on specific challenges being faced by information security executives in today’s cybersecurity landscape. Moderated by one of ISMG’s Executive Editors and a guest industry expert, Virtual Roundtables give cybersecurity professionals the opportunity to discuss threats and controls with a handful of market leaders in an informal and online setting, from which you will emerge with new ideas and solutions you can immediately put to work to improve your own organization’s defensive posture.
Software Security: How to Prioritize, Measure and Convey It To the Board
Tom Field – SVP – Editorial, ISMG / Chris Wysopal – Founder and CTO, Veracode
Amidst the shifting threat landscape, cloud migration and ongoing digital transformation, software security is often low or even last on the list of priorities for security leaders to address.
Yet, with the recent executive order on cybersecurity, and as headlines continue to feature high-profile breaches, board members at organizations across all industries are taking notice. Even though there are often designated technical experts on boards, there is now an increased awareness around cybersecurity – especially software security – even among the traditionally business-oriented members.
So, it’s important to prioritize software security and to tailor messages to the business functions so that they too can understand the organization’s risk posture. But communicating about software security to the board can be particularly challenging because of the ways that it differs from other security solutions. You don’t install a software security tool and count the breaches getting deflected; you change the way you develop software by building security in from the start. This is a significant pivot from traditional, reactive ways of thinking about security.
Security professionals are often faced with the following questions: How do we determine and justify the required resources for a software security program? How do we ensure – and prove – that development teams are adopting software security practices? Is our software security operating effectively? And how do we prove that?
Talking points include:
- How have you approached the software security challenge – and where is it among your strategic priorities?
- How do you make the successful business case for a software security program?
- With a program in place, how do you ensure your developers are following your standards?
- How do you measure the success of your program?
- How do you communicate the metrics to your board and senior management?
Join ISMG’s Tom Field for a moderated session featuring expert insight and case studies from Chris Wysopal, Founder and CTO at Veracode.
Request To Attend
Interested in participating? Submit your request to attend this virtual roundtable*:
*Please note that this is an invitation-only event and space is limited. All requests to attend will be reviewed by our event staff and approved based on professional qualifications and event capacity. Additionally, these events will not be recorded and the Chatham House Rule will apply.
Date: Tuesday, January 25th, 2022
Time: 4:00 – 5:30 PM ET
Moderator: Tom Field
About the Sponsor
Veracode is a leader in helping organizations secure the software that powers their world. Veracode’s SaaS platform and integrated solutions help security teams and software developers find and fix security-related defects at all points in the software development lifecycle, before they can be exploited by hackers. Our complete set of offerings helps customers reduce the risk of data breaches, increase the speed of secure software delivery, meet compliance requirements and cost-effectively secure their software assets – whether that’s software they make, buy or sell. Veracode serves more than 2,000 customers across a wide range of industries, including nearly a third of the Fortune 100 and more than 20 of Forbes’ 100 Most Valuable Brands.