Monday, March 1, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Developer security champions are needed now more than ever

June 20, 2020
in Internet Security
Developer security champions are needed now more than ever
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Developer security champions are members of the development team that can translate application security into a language that the rest of the developers can understand. These champions embed application security knowledge where it’s needed most: with the dev team.

Earlier this week, I spoke with the members of Forrester’s Security & Risk Council about developer security champions programs. We discussed the key steps to building a successful program, a couple of council members shared their own experiences with creating developer security champions programs, and we engaged in a group exercise with breakout sessions (a technological and organizational ballet when you’re doing all this virtually). Midway through the discussion, I received a question: How, in the midst of budget cuts and staff reductions, can we sell the leadership on another security program?

You might also like

These four new hacking groups are targeting critical infrastructure, warns security company

Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

More Urgent Than Ever

With the pandemic and accompanying recession still going strong, security teams face hiring freezes, are forced to make budget and staffing cuts, or are told to “do more with less.” Champions programs do not come for free: You must invest in management, training, incentives, and developer time. It’s easy to say that it’s “the wrong time” to add such a program, but instead, you should prioritize it. Why?

  • Scale. If, like many organizations, you’re not hiring a lot of new security staff, you need to push security expertise to the rest of the organization. Developer security champions will address many of the dev team’s basic security questions and requirements, and your team will be able to focus on the trickier ones.
  • Speed. Developer security champions are developers first and foremost. That means that they are working with the dev team from the beginning and applying their security expertise to design and development decisions early on. They will help the team avoid poor security decisions that take time to undo later and remediate security issues earlier in the process so that the development team doesn’t get caught in time-consuming security fire drills that delay release.
  • Alignment. With many firms finding themselves in 100% remote mode for the first time, strong communication channels help resolve process gaps that were glossed over when everyone was in the office. Developer security champions help bridge the security/development gap, facilitate discussions, and increase the security team’s credibility.

Make It A Formal, Funded Program

In the midst of today’s challenges, resist the temptation to quietly start an informal, unfunded pilot program to “prove the concept.” Instead, push for visibility, formality, and budget. For developer security champions programs to be successful, you need buy-in from executives and development leaders. Some developers and dev managers may be reluctant to engage, so higher-level support will guide them in the right direction. Even if you start small, funding and formal approval will give your program credibility and help you grow it over time.

This post was written by Principal Analyst Sandy Carielli and it originally appeared here.     

Credit: Zdnet

Previous Post

Essential Programming | Sorting Algorithms

Next Post

AEEC's Smart Water Data Analytics Solution is Selected for the LIFT Program | State

Related Posts

These four new hacking groups are targeting critical infrastructure, warns security company
Internet Security

These four new hacking groups are targeting critical infrastructure, warns security company

February 28, 2021
Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill
Internet Security

Privacy Commissioner asks for clarity on minister’s powers in Critical Infrastructure Bill

February 28, 2021
TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit
Internet Security

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

February 28, 2021
Cybercrime groups are selling their hacking skills. Some countries are buying
Internet Security

Cybercrime groups are selling their hacking skills. Some countries are buying

February 28, 2021
Why would you ever trust Amazon’s Alexa after this?
Internet Security

Why would you ever trust Amazon’s Alexa after this?

February 28, 2021
Next Post
AEEC’s Smart Water Data Analytics Solution is Selected for the LIFT Program | State

AEEC's Smart Water Data Analytics Solution is Selected for the LIFT Program | State

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

AI And Automation In HR: The Changing Scenario Of The Business
Data Science

AI And Automation In HR: The Changing Scenario Of The Business

February 28, 2021
Machine learning could aid mental health diagnoses: Study
Machine Learning

Machine learning could aid mental health diagnoses: Study

February 28, 2021
Python vs R! Which one should you choose for data Science
Data Science

Python vs R! Which one should you choose for data Science

February 28, 2021
Can Java be used for machine learning and data science?
Machine Learning

Can Java be used for machine learning and data science?

February 28, 2021
These four new hacking groups are targeting critical infrastructure, warns security company
Internet Security

These four new hacking groups are targeting critical infrastructure, warns security company

February 28, 2021
The Time-Series Ecosystem – Data Science Central
Data Science

The Time-Series Ecosystem – Data Science Central

February 28, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • AI And Automation In HR: The Changing Scenario Of The Business February 28, 2021
  • Machine learning could aid mental health diagnoses: Study February 28, 2021
  • Python vs R! Which one should you choose for data Science February 28, 2021
  • Can Java be used for machine learning and data science? February 28, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates