CISO Series Well Received, Don't Miss The Next Two

The new CISO Series features hot topics for today's Chief Information Security Officers (CISOs) and their direct reports. This information-filled series of webinars addresses the most current issues that CISOs face in their daily environments and will feature practical advice and feedback from a CISO who has experienced these problems firsthand. The CISO Series will be conducted by Jeff Bardin.

The second of the CISO Series, Building Security into the Systems Development Life Cycle (SDLC), will begin on Thursday, October 18, at 1:00 p.m. EST, and an additional webinar, Data Loss Prevention: A Case Study, is scheduled for Wednesday, October 31, at 1:00 p.m. EST. Each webinar will last 90 minutes, of which 20-30 minutes will include a question and answer period. FS-ISAC is proud to make this important series available to FS-ISAC dues-paying members for the low price of $100 per webinar, and for $200 to Basic and Non-members. Don't miss this opportunity to learn from an expert in the CISO field. For more information, contact Denise Anderson, FS-ISAC Member Services Director, at danderson@fsisac.us.

Title: CISO Series B Webinar: Building Security Into The System Development Life Cycle

Including security early in the information system development life cycle (SDLC) results in less expensive and more effective security than adding it to an operational system after the fact. The second seminar in the CISO Series presents a framework for incorporating security into all phases of the SDLC process, from initiation to disposal. Understanding the flow of data is essential to determine what to assess and what is truly the system. Having proper policies and system ownership that hinges on data ownership is essential to success as are proper controls built into the code that address regulatory issues.

The CISO Series will be conducted by Jeff Bardin. The second of the CISO Series will begin on Thursday, October 18, at 1:00 p.m. EST. The webinar, entitled Building Security Into The System Development Life Cycle (SDLC), will cover the following subject matter and learning objectives:

A general SDLC will be discussed that includes the following phases: initiation, acquisition/development, implementation, operations/maintenance, and disposition. Each of these seven phases includes a minimum set of security steps needed to effectively incorporate security into a system during its development. An organization will either use the general SDLC described in this presentation or will have developed a tailored SDLC that meets their specific needs.

Learning Objectives:
1. How including information security early on in the SDLC usually results in less expensive and more effective security than adding it to an already operational system.
2. The key security roles and responsibilities that are needed in most information system developments.
3. How the risk assessment process is integral to information security in the SDLC and how to deal with risks that could be ignored.
4. The framework for incorporating security into all phases of the SDLC process, from initiation to disposal.
5. The minimum set of security steps needed to effectively incorporate security into a system during its development.
6. Teaching developers how to write "proper" code.
7. Ensuring QA staff understand use versus abuse cases.
8. Pre- and post-compilation vulnerability scanning and what to do with the results.
9. Critical Success Factors to a successful program.

The webinar will last 90 minutes, of which 20-30 minutes will include a question and answer period.

Event Registration Fee

  • Basic and Non-Member Registration $200.00
  • Member Registration $100.00

Register today by clicking on the following link: https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=2ecc1c9b-a156-4e43-8197-7880fab4e976

About FS-ISAC
Launched in 1999, FS-ISAC was established by the financial services sector in response to 1998's Presidential Directive 63. That directive -- later updated by 2003's Homeland Security Presidential Directive 7 -- mandated that the public and private sectors share information about physical and cyber security threats and vulnerabilities to help protect the U.S. critical infrastructure.

About Treadstone 71
Treadstone 71 (T71), established in 2002, improves the stability, maturity, and overall risk posture of your organization. T71 ensures you Consolidate, Integrate and Optimize your investment while Transforming your risk-based information security organization into a mature, business focused, respected and highly trusted team.

# # #

Contact Author

Jeff Bardin

Denise Anderson
FS-ISAC
888-732-2812