Session Name: Rebuilding Security Culture With Security Champions: Our Experience at IBM, Red Hat & Natwest Group
A Security Champions program is key to a modern cybersecurity strategy. Learn how to start your own.
Known vulnerabilities are a fact of life, especially with open-source software. Cyber Security Intelligence tracked over 18,000 CVEs and at least 66 Zero-Day Vulnerabilities in 2021. According to the Sonatype 2020 DevSecOps Community Survey, 24% of organizations surveyed revealed a breach within one of their web applications in the prior 12 months. The average cost of a data breach was $4.24 million, according to the IBM 2021 Cost of a Data Breach Report.
The only way to keep up with the fast pace and demands of cybersecurity today is to scale up the security expertise of your technical workforce. This talk explains why setting up a Security Champions program is such an important part of an overall security strategy. Then it goes into detail on how to get your own Security Champions program running, the realistic costs of such a program, and what benefits you can expect from it. We’ll talk about grassroots programs at three companies: IBM, Red Hat, and NatWest Group.
A Security Champions program is repeatable, cost-effective, and can be applied to a broad range of industries. Attendees will come away with a step-by-step approach that can improve cybersecurity practices at their own companies.
Siddharth is currently senior vice president of consulting leading a DevOps Center of Excellence practice for a European bank. He is Governing Board Chairman for Ortelius, an open-source platform on Microservices, and on the board of experts panel for the Cloud Credential Council (CCC). Co-authored a book on Site Reliability Engineering and a whitepaper on global digital skills. Writes on multiple topics but in particular about DevOps, Agile and ITSM. He’s a regular industry speaker at global and regional events and conferences. ). In addition Global Ambassador for DevOps Institute and on the Influencer Panel of DASA (DevOps & Agile Skill Association).