ISC2® Launches Secure Software Conference Series

May 26, 2010

Tools

Inaugural Event June 17 in Silicon Valley to Feature C-Suite Panel on Unsecured Software Issues; Keynote David Rice, Author of ‘Geekonomics’; Sessions from Adobe, HP

FREMONT, Calif.--(BUSINESS WIRE)-- (ISC)^2® (“ISC-squared”), the not-for-profit global leader in educating and certifying information security professionals throughout their careers with nearly 70,000 certified members worldwide, today announced the expansion of its highly successful Security Leadership conference series to address integrating security throughout the software development lifecycle (SDLC) to better protect enterprises and individuals.

(ISC)² will kick-off its SecureSDLC conference series in the heart of the U.S. software development community on June 17 at the Fremont Marriott Silicon Valley. To register or receive more information, please visit http://bit.ly/bMc6EL.

Titled “SecureSDLC: Building Security into the Software Lifecycle,” the day-long conference will feature a keynote at 9 a.m. from David Rice, author of the critically acclaimed book Geekonomics: The Real Cost of Insecure Software, who will discuss how insecure software contributes to the destruction of global economic wealth and enables pandemic cybercrime.

In addition, several members of the Silicon Valley’s Office of the CIO will participate in a panel discussion at 11 a.m. on the problems insecure software has caused their organizations and the solutions they’re seeking from vendors. The panel will be moderated by Dean Lane, author of CIO Wisdom: Best Practices from Silicon Valley, a book featuring the collective wisdom of the Office of the CIO on how to address pressing issues facing IT professionals.

The panel will feature Lincoln Heacock, CIO, CyberSource, an ecommerce payment management company now being acquired by Visa; Allyn McGillicuddy, CIO, Golden Gate University; Max Rayner, CTO, Travelzoo, a global Internet media company; and Jim Trovato, CISO, Intuit, a leading provider of business and financial management solutions including the Quicken^® and TurboTax^® products.

“As organizations begin to recognize securing software as a priority, this new conference series provides the software community a forum to share their experiences and discuss integrating security throughout the software development lifecycle,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, executive director of (ISC)².

“The market and the regulatory landscape are moving rapidly toward requiring software to run securely from cradle to grave, eliminating the need for the expensive and time-consuming ‘patch and testing cycle’ that has left organizations and end-users highly vulnerable,” Tipton said. “Our goal for this series is to provide tools to stakeholders involved in the planning, development, design, coding and deployment of any application to incorporate security, whether the software is for in-house use, embedded in devices, or for sale to enterprises and consumers.”

According to Rice, “To this day, software remains one of the most defective products in the global market place. The software market is a market for lemons, where buyers cannot distinguish between ‘good’ and ‘bad’ software. Consequently, high-quality, secure software is driven from the market. This is bad for everyone – governments, enterprises, businesses, customers, and citizens.”

Other speakers scheduled for the (ISC)² SecureSDLC Silicon Valley event include Rafal Los, senior Web security specialist for Hewlett-Packard (HP) Software and blogger, who will speak at 1:45 p.m. on developing an execution-flow-based approach to application security testing, and Brad Arkin, director of product security and privacy for Adobe, who will speak at 4 p.m. on gaining acceptance for a secure approach to software development and how Adobe implemented its own Secure Product Lifecycle program.

The SecureSDLC Silicon Valley event is free to (ISC)² members and US$99 for non-members. The conference runs from 9 a.m. to 5 p.m. and includes breakfast and lunch for attendees. The event is sponsored by Tipping Point and Cenzic.

The next SecureSDLC event in the series is set for Nov. 4 in Washington, D.C. Details will be announced at a later date.

SecureSDLC is part of (ISC)²’s Security Leadership Series, a year-round program that provides information security professionals worldwide the chance to advance their knowledge on emerging security issues while interacting with leading industry experts and expanding their peer networks. (ISC)² certified members may earn Continuing Professional Education (CPE) credits for attending. For more details on the Security Leadership Series and other (ISC)² Events, please visit www.isc2.org/events.

About (ISC)² ^®

(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with nearly 70,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP^®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP^®), Certified Authorization Professional (CAP^®), and Systems Security Certified Practitioner (SSCP^®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK^®, a compendium of information security topics. More information is available at www.isc2.org.

Follow (ISC)² on Twitter and YouTube.