Are You Ready To Secure Your Products Yet?
2015 and 2016 have seen a huge number of high profile breaches in tech product security and reliability. Data loss and reputational damage have occurred, as have actual customer harm and business destruction is a real risk.
I will cover de-risking security and reliability simultaneously, since at the organisation or product management level the approach and implications are very similar (but of course security is the title sure to get more attention
In this talk I will look at why leaders need to be tough on security, and how leaders who believe they are tough on security will find reality across all aspects of their products quite different to what they might think. In this post-censusfail world escaping by pointing the finger at teams or contractors who were saying all the right things is coming to an end.
After creating a reasonable level of fear, including some very brief case studies of major public tech security/reliability failings, I will look at a case study from a recent project where security issues raised in a new unreleased product were taken seriously by the tech leadership, and the implications across as many as five different departments.