Managing Software Security Risk: Streamlining AppSec Policy Definition and Implementation
Organizations often struggle to define security policies. Policy is a highly critical component that drives security programs, yet defining, creating and implementing it with the support of other organizational departments is an incredibly sophisticated process.
As close to 90% of attacks today originate through software applications, it's essential for companies to bridge the security/development gap and prioritize application security from the ground up.
This presentation will provide some insight into defining appsec policies, highlighting the differences from InfoSec policy, the attributes of effective policy and how to make policies actionable. It will articulate the best ways to use these policies, including mapping to compliance requirements and organizing new processes around policy implementation.
Tom Bain is the Director of Product Marketing for Security Innovation. Tom has nearly twelve years of experience in the IT Security and Marketing industries, having worked with multiple IT Security and technology brands.
Tom has a breadth of writing experience ranging from authoring industry white papers to product data sheets. He regularly presents on industry webinars at Security Innovation and for partners including Rapid7 and Wombat Security. He has been responsible for authoring copy with impact to target specific titles within an organization or industry as part of demand generation for companies he’s worked for. He’s also ghost-written multiple articles for executives for publications including Network World, SC Magazine, ThreatPost, Network Security, InfoSecurity Magazine, Computer Technology Review, ComplianceWeek, SearchSecurity, SearchCompliance, eWeek, Dashboard Insight and Dark Reading.