(ISC)2, a nonprofit body of certified information security professionals, has announced the expansion of its Security Leadership conference series to address integrating security throughout the software development lifecycle (SDLC) to better protect enterprises and individuals.
(ISC)2 will kick-off its SecureSDLC conference series on June 17 in Fremont, California.
Titled "SecureSDLC: Building Security into the Software Lifecycle," the day-long conference will feature a keynote at 9 a.m. from David Rice, author Geekonomics: The Real Cost of Insecure Software, who will discuss how insecure software contributes to the destruction of global economic wealth and enables pandemic cybercrime.
In addition, several members of the Silicon Valley’s Office of the CIO will participate in a panel discussion at 11 a.m. on the problems insecure software has caused their organizations and the solutions they’re seeking from vendors. The panel will be moderated by Dean Lane, author of CIO Wisdom: Best Practices from Silicon Valley. The panel will feature Lincoln Heacock, CIO of CyberSource; Allyn McGillicuddy, CIO of Golden Gate University; Max Rayner, CTO of Travelzoo; and Jim Trovato, CISO of Intuit.
According to Rice, "To this day, software remains one of the most defective products in the global market place. The software market is a market for lemons, where buyers cannot distinguish between ‘good’ and ‘bad’ software. Consequently, high-quality, secure software is driven from the market. This is bad for everyone -- governments, enterprises, businesses, customers, and citizens."
Other speakers scheduled for the event include Rafal Los, senior Web security specialist for Hewlett-Packard (HP) Software and blogger, who will speak about developing an execution-flow-based approach to application security testing; and Brad Arkin, director of product security and privacy for Adobe, who will speak about gaining acceptance for a secure approach to software development and how Adobe implemented its own Secure Product Lifecycle program.