As Healthcare.gov continues to find its sea legs after a shaky launch, commentators are wondering if the website was built without using the government’s own security standards, like FISMA, to guide the development.
Despite the recent media attention on the software and security issues surrounding the Obamacare website, the disconnect between software development and security is pervasive outside the public sector.
Listen to episode 113 of our Security Slice podcast and hear Lamar Bailey discuss various ways to incorporate security into the software development process, why current cybersecurity degree programs rarely discuss DevOps security, and how the industry can move toward a more accurate ROI for security.