Best Practices for a Mature Application Security Program
Presented By: Dr. Larry Ponemon and Ed Adams
With 84% of all cyberattacks occurring on the application layer*, there is little debate that applications pose the most risk to organizations. However, typical investment in application security does not correspond with this risk and determining which activities yield the most ROI is not usually of top importance.
Application security risk mitigation requires a multi-dimensional approach that factors in your organization's expertise, processes, and threat profile. This webinar examines both the progress (and lack thereof) the industry has made, referencing research from The Ponemon Institute conducted over the past several years. Presenters Ed Adams (CEO of Security Innovation) and Larry Ponemon (Chairman and Founder of the Ponemon Institute) will also describe risk-based measures you can take to reduce your enterprise attack surface and rollout a secure and repeatable Software Development Lifecycle (SDLC). Some topics covered will include:
- Trends over last several years
- Where have companies improved?
- Where do companies continue to struggle?
- Threat modeling and risk rating your applications
- Data classification
- Correlating frequency and depth of test activities
- Vulnerability remediation prioritization
- Understand the myriad of threats to different platforms
- Optimizing your Software Development Lifecycle (SDLC)
- Adopting standards and best practices
- Identifying skill gaps
- Building a roadmap and sequencing steps
Meet the Presenters
Larry Ponemon, Ph.D., Chairman and Founder, CIPP - Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research "think tank" dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.
Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet.
Ed Adams, CEO of Security Innovation - Ed Adams is an IT and application security expert with over 20 years of experience in the field. Ed is a Ponemon Institute Fellow and a go-to cybersecurity expert for New England Cable News. He has served as a member of the Security Innovation board of directors since its inception in 2002 and took over as CEO in 2003.
Ed is on the board of the National Association of Information Security Groups (NAISG), and the International Secure Software Engineering Council (ISSECO). He was also named a Privacy by Design Ambassador by the Information and Privacy Commissioner of Ontario (IPC) in 2014.