Bay Area OWASP: Measuring Security
Details
OWASP Bay Area Chapter Member Tad Whitaker will moderate a panel about measuring security beyond vulnerability reports and compliance frameworks like SOC 2. This talk will dive deep into specifics around how to understand what you need to measure, how to quantify it, how to report the data upward to management, and how to use data to inform hiring decisions.
Bios:
____________________
Charles Nwatu, Manager Security, Technology Assurance and Risk @ Netflix
Charles has over 13 years of information security experience. Charles has held leadership roles at LinkedIn, Twilio, and StitchFix. He is currently an Engineering Manager at Netflix, focusing on risk measurement, governance, compliance, and technology assurance. Charles is an advocate for volunteering; he was a Co-Technical Lead for Black Girls CODE and a Fellows Program Council Co-Chair for CODE2040. He is a proud member of /dev/color, and also an ally of the Women's Society of Cyberjutsu.
____________________
Rich Seiersen, CEO/Cofounder @ Soluble
Prior to Soluble, Rich spent 20 years deep in the salt mines of security operations and development. Along the way, he became a serial CISO with stints at LendingClub, Twilio and GE. But he got his start in security startups building vulnerability management products for companies like Qualys and Tripwire. He’s also the co-author of “How To Measure Anything In Cybersecurity Risk,” and the forthcoming “The Metrics Manifesto: Confronting Security With Data.”
____________________
Caroline Wong, Chief Strategy Officer @ Cobalt
As CSO, Caroline leads the Security, Community, and People teams at Cobalt. She brings a proven background in communications, cybersecurity, and experience delivering global programs to the role.
Caroline’s close and practical information security knowledge stems from her broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. Caroline also hosts the Humans of InfoSec podcast, teaches cybersecurity courses on LinkedIn Learning and has authored the popular textbook Security Metrics, A Beginner's Guide.
____________________
Tad Whitaker, Security Engineering Manager @ CircleCI
Tad Whitaker oversees GRC, Security Operations, Product Security and Platform Security at CircleCI. Previously, he was a licensed private investigator and Certified Fraud Examiner. He is a founder of the Day of Shecurity workshop (dayofshecurity.com), part of the Bay Area OWASP leadership group, and a volunteer with the national Hour of Code project and Mission Bit (which teaches programming to low-income high school students).
