<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1919858758278392&amp;ev=PageView&amp;noscript=1">

Session Name: Elite Security Champions Build Strong Security Culture in a DevSecOps World

Everyone and their cousin has a Security Champion program, but how effective is yours? Are you getting a solid return on investment for the time and money you put forth? Elite Security Champions require an elite set of skills and experience. We’ll explore the qualities of an elite Security Champion program and how you can transform your program from one where you must twist arms to sign people up to a program where potential champions are knocking down the door to get in. From knowledge of secure coding principles to threat modeling expertise and understanding of the end-to-end DevSecOps pipelines, Champions require skills on the technical side. But Champions also need schooling in the soft skills to enable them to collaborate and become agents of change, capable of disrupting your security culture. After unpacking the individual skills, we’ll cover the significant issues you must address when building or enhancing an elite program, including branding, strategy, value proposition, recruitment, communication, retention, and globalization. Security Champions provide a scalable solution for security capacity, providing an outlet for overworked security teams to magnify their efforts. If you do not have a security champion program today, or if your program needs a reboot, come to this talk and learn how to fill the halls of your organization with elite Security Champions.



Speaker Bio:

Chris Romeo is the Chief Security Officer and co-founder of Security Journey and is passionate about bringing security culture change to all organizations. Chris is the host of the award-winning “Application Security Podcast” and is a highly rated industry speaker and trainer featured at the RSA Conference, OWASP Global AppSec, ISC2 Security Congress, DefCon’s AppSec Village, and All Day DevOps. Chris was the Chief Security Advocate at Cisco for five years, empowering engineers to shift security left in all products and leading Cisco’s security belt program (Cisco Security Ninja). Chris has twenty-five years of security experience, holding positions across the gamut, including application security, security engineering, and incident response. Chris holds the CISSP and CSSLP certifications.