We live within a data driven, technology enabled, software-controlled world. Every aspect of business today is driven by software. The information that defines our wealth, our health, and our happiness is managed by software. Every line of that software is designed, coded, and delivered – mostly by humans, but increasingly by software that was also designed by humans. How that software is designed, how it is tested, how it is delivered, and how it is maintained in working order is very important. How that software is kept secure is more important.
The only problem here is that design, test and delivery are all ordered by the customer who needs the software. They are part of the specification. Security is not usually part of the design, and hence often not included in the specification. Sometimes it is deliberately left off simply because of cost.
This Masterclass will explain why the concept of Secure by Design is not only relevant to our current world, but why it makes business sense at all levels, and why those that master Secure by Design principles will remain in demand.
We will go over the principles and practice of secure by design, from explaining the business foundation for security, and showing how these principles not only build better software, they enable faster more reliable code, and actually reduce the lifecycle cost of any software or application based product or service. We will further explain how these principles not only improve your reputation as a developer, help you to build and manage more productive development teams, improve the quality of products that you work on, and make sure that the privacy and information of the customers of those products are all kept safer, more secure and accurate at the same time.
In this two-part masterclass, you will learn the key fundamentals of why, when, and how to implement secure by design principles in your applications, business, products and processes.
These classes are aimed at the business managers who depend on software for business
success, the developers and coders of that software, and those who employ or contract
These masterclasses are principle based and do not require active coding skills, but anyone
with an inner geek will feel quite at home. References and notes will be included so those who wish to test and evaluate discussed software, techniques, testing, or management principles
can do so in their own time.
Each Masterclass will be delivered over a 3-hour session in a sequence of 15-20 minute topic
based presentations, each session will contain a background for alignment, key points to learn,
and explanations based on example and case study.
· Business managers who depend on software for business success.
· Developers and coders.
· Those who employ or contract developers.
- · Full class materials
- · Expert knowledge
- · Educational content
- · Masterclass certificate
MasterClass 1 is focused on why Secure by Design is crucial for successful business relevant software and application development, and whilst introducing technical security development concepts is still accessible to non-developers and business managers. Developers who don’t know why this is done will benefit from this too.
- · Secure by design – A business paradigm
o Information as an Asset
o In a Digitalized world
o Why Reliability is priceless
o Getting it right by design
o Resilience & Legislation
o The economics of secure by design
o How to keep things secure
- · Development, Design and Testing – A foundation for security
o Information, Identity, and Trust
o What it means to business
o Why DevSecOps is the new normal
o Managing DevSecOps
o What about the old stuff?
MasterClass 2 is focussed towards the methods and techniques needed to effectively deliver on the principles introduced and explained in MasterClass 1. As such there is a higher reference towards technical principles. Managers and executives who don’t know how this is done will benefit from this too.
- · S=Security,Software,Sensible,Sustainable
o SDLC in 2021
o Secure design as systems DNA
o Cyber Threats R Us!
o Secure leadership
- · Information Security foundation
o Why we are here
o Threats & Vulnerabilities
o Updates, Patches, and Lifecycles
- · Its not all about DevSecOps
o Why DevOPs (Recap and foundation)
o Managing a DevSecOps Team
o Where does Dev stop and Sec start?
o Architectures, Frameworks, and Languages.
o Code Review, Testing, Management
o Keeping it secure
- · Governance and Confidence
o Automating Quality
o Standards and Skills
o Metering and Monitoring
· 100% online
· Live Classroom
Steve Jump has an unashamedly technical background being both an engineering graduate and a chartered engineer, but he uses it to translate complex technology into serious business. He presently consults in the area of Information Security Governance and Information Security Risk, where he expresses support, sympathy, incredulity and fortunately, frequent flashes of inspiration at the state of Information Security risk management in business today.
With over twenty years of applied and strategic information and cybersecurity experience Steve now provides applied cybersecurity risk governance coaching, mentoring, and guidance at an Exco and Board level to ensure that non-technical and technical directors alike are able to understand that information security risk is about more than technology, and how this understanding adds significantly more value to a business as an enabler rather than a fear-based approach.
Steve has driven the establishment of a Security Governance function recognizable as a Risk Management function and successfully transitioned it from an IT function into one recognizable to risk management. He is conversant in the translation of new technologies, new regulatory requirements and new business models into the means to improve governance, reduce costs, and measurably reduce information security risk to the business.
Steve has developed comprehensive Information Security and Information Technology Strategies, including Enterprise & Information Security Architectures that ensure business and IT align, including the creation of a business-centric Information Security framework that can be used at any level of an organization to identify threats and plan their security strategy and resources.
Both Classes: $100
Single Class: $65
Ready to get started?
· A 1-on-1with Steve, at an extra $75 ONLY, for the first 10 participants to pay for full class.
· Consultation with Steve at a special, discounted price, for all participants. Email: firstname.lastname@example.org for more info.
Limited spots available!