Last week, Deputy U.S. Chief Technologist Ed Felten met with CyLab researchers and presented his keynote talk to a crowded Rangos Hall in Carnegie Mellon University’s Cohon University Center in celebration of CMU Privacy Day 2016.
Distinguished Seminar: Building a Software Security Program - Effective Risk Management for IT Security
|Date:||February 15, 2016|
|Speaker:||Steve Lipner, former Partner Director of Software Security, Microsoft|
|Time & Location:||12:00 PM - 1:00 PM
DEC, CIC Building, Pittsburgh
|Abstract:||The growing frequency and severity of cybersecurity incidents has led government and private sector organizations to seek better ways to protect their systems and information. Many of these organizations have begun by adopting risk management frameworks as a way of structuring their approach to security. But risk management is only effective if it is informed by deep understanding of attacks and the ways to defend against them. The history and structure of successful software security programs shows how technical understanding can be integrated into risk management decisions. This talk will summarize the history of a typical software security program and outline principles by which understanding of attacks and defenses combined with continuous improvement leads to effective risk management.|