By Andrew Storms|2021-01-29T08:53:30-08:00January 28th, 2021|Categories: DevSecOps, LS/IQ, Secure Software Development, Virtual CISO|
Our LS/IQ virtual CISO customers often struggle to balance making new features instead of spending time building security features. Engineering managers in small tech companies always prefer to sit down and code the next big thing to sell their product. Adding security controls early in a [...]
By New Context Security Management|2020-10-13T10:33:09-07:00October 13th, 2020|Categories: Blog, DevSecOps, Secure Software Development|
The digital transformation roadmap needs to center on alignment and integration. All stakeholders need to be aligned to the same goal. All technologies require integration to minimize the number of rollouts necessary. Many leaders take a piecemeal approach that results in a segmented program. This can create holes, especially when [...]
By Andrew Storms|2019-11-08T11:26:49-08:00October 30th, 2019|Categories: Secure Software Development|Tags: CMMC, Department of Defense|
Earlier this year, the Department of Defense (DoD) announced the development and enforcement of new cyber security compliance requirements to be eligible for DoD contracts. Because the upcoming requirements affect so many companies (large and small) as well as prime and subcontractors, many organizations are looking for answers. Here [...]
By Andrew Storms|2019-11-18T09:30:24-08:00August 18th, 2019|Categories: DevSecOps, Secure Software Development|Tags: information security, infosec, secure software|
Software doesn’t write security in by itself; it takes best practices and intent to write good secure software. The industry is starting to agree on this, and the talk by Kelly Shortridge and Dr. Nicole Forsgren at Blackhat 2019 about bringing InfoSec and DevOps together is a great addition [...]
By Andrew Storms|2019-10-31T15:19:09-07:00February 12th, 2019|Categories: Secure Compliant Data Platform, Secure Software Development|Tags: cyber threat intelligence, cybersecurity, IT/OT, machine-to-machine learning|
Last week at DistribuTECH 2019, I had the opportunity to participate in a panel discussion on How AI and Machine-to-Machine Learning Are Enabling Cybersecurity Threat Intelligence. I was joined by fellow members of the California Energy Systems for the 21st Century (CES-21) program. Over the past 4 years, [...]
By Andrew Storms|2019-10-31T10:58:20-07:00November 28th, 2018|Categories: Secure Software Development, Tips & Tricks|Tags: data security, information security, infosec, Lean Security, software development, STIX/TAXII|
Thanksgiving in the US is passed and year end is in sight. As the end of the calendar year draws near, let's consider a few short term objectives you can complete right now that will have a long lasting effect on your security programs in 2019. 1. [...]
By Daniel Riedel|2019-10-31T10:59:19-07:00August 22nd, 2018|Categories: Secure Software Development|Tags: critical infrastructure, SBOM, SECURE, software bill of materials, software development|
Allan Friedman’s vision of the SBOM is Kubrickian indeed. Stanley Kubrick made films that looked with deep introspection into the future of our society, often as a polite and sometimes troubling warning of things to come. Like Kubrick, the cybersecurity expert Allan Friedman is calling attention to how [...]
By New Context|2019-10-31T15:51:02-07:00July 24th, 2018|Categories: Secure Software Development|
Although the big push around GDPR data management is (mostly) behind us, our customers are finding regulatory compliance will slow innovation if it's not a strategic priority. Everyone in the C-suite wants to do more with their data. They want to stream every byte through their tensorflow oracles [...]
By Andrew Storms|2019-11-18T09:16:50-08:00July 24th, 2015|Categories: DevSecOps, Secure Software Development|Tags: Devops, lean, Lean Security, Orchestration, pipeline, SECURE, security, threat|
All business leaders are faced with an ever growing list of challenges. Those of us who manage teams of software developers struggle with our own set of difficulties. The drums beat for us to address the unknown threats from Cyber Security risk while also developing and delivering software faster and [...]
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
