The National Cyber Security Division (NCSD) of the U.S. Department of Homeland Security works collaboratively with public, private, and international entities to secure cyberspace and America's cyber assets. As one of the overarching objectives to protect the cyber infrastructure, NCSD has implemented a cyber-risk management program for the protection of critical infrastructure.

In his presentation, Joe Jarzombek will speak to the relevance of software security assurance in reducing organizational risk exposure. With today’s global IT software supply chain, project management and quality assurance processes must explicitly address security risks posed by exploitable software. Traditionally, these disciplines have not clearly and directly focused on software security risks that can be passed from projects to the organization. Software security assurance processes and practices span development and acquisition and can be used to enhance project management and quality assurance activities.

Joe will explain the critical need for incorporating practices, processes, and principles used to build security into every phase of the software lifecycle. He will discuss free resources that are now available to assist project and quality assurance personnel in managing contracted, outsourcing, and development activities.

Insights you will gain:
Automation protocols characterize exploitable software constructs and are needed to advance software security assurance.
Free resources are available to assist in managing contracted, outsourcing, and development activities.
The Software Assurance Forum that DHS co-sponsors with the Department of Defense (DoD) and the National Institute of Standards and Technology (NIST) provides public/private collaboration focused on specifying and maturing processes and technologies to mitigate software security risks and encourage proactive and preventative security practices.