In a post COVID-19 world, privacy concerns in software are critical. We need to collect, store, share, and archive information in a way that respects the privacy of individuals within organizations. While traditional data classification can help identify key assets, little is being done in the SecDevOps lifecycle to ensure that privacy concerns are elevated as first-order citizens.
We will explain and demonstrate, using the ISO 27000 series of standards, how to make the SecDevOps value stream radiate relevant privacy metrics so that auditors and legal teams can make informed decisions about privacy risk.
Ultimately, the SecDevOps value stream has to provide business value. We will explain how business values of cybersecurity resiliency, compliance, and revenue all come together. It is no longer a zero-sum game across these business priorities - all must be met with the right balance.
When: Tuesday, November 10th, 2020
Where: 15th Annual API Cybersecurity Conference
What: Application Security and SecDevOps
Who: Altaz Valani
Altaz Valani is the Director of Insights Research at Security Compass and manages the overall research vision and team. He is a conference speaker and conducts ongoing research in the Software Security domain. Prior to joining Security Compass, he was a Senior Research Director and Executive Advisor at Info-Tech Research Group providing trusted advice around application development, application rationalization, agile, cloud, mobile, and the SDLC. Past positions include Senior Manager at KPMG, and other positions working alongside senior stakeholders. Altaz sits on several industry working groups at IEEE, The Open Group, CIO Strategy Council, and SAFECode.