AUSTIN, Texas--(BUSINESS WIRE)--Austin-based start-up Wisegate, a private, practitioner-based IT research service for qualified senior technology professionals, released a report that provides top tips from leading CISOs to help organizations build more secure business applications. When deciding how to incorporate security into applications, there are few compliance requirements or technical standards that provide developers with detailed guidance as they write, test and implement their code. In this latest report, Wisegate provides practitioner best practices for application security.
“Being part of the Wisegate expert network keeps senior IT practitioners on the forefront of evolving strategies and informed on which approaches their peers find effective. In-depth discussions on the challenges and strategies can be used to forge valuable inroads with colleague stakeholders.”
Many organizations aspire to attain this ideal, but few actually do. It’s not that organizations intentionally ignore industry best practices for application security. In reality, conditions such as budget and resource constraints, lack of awareness, tight development timelines, and even company politics can get in the way of incorporating security into applications throughout the software development life cycle (SDLC), especially in the early phases. Like all security leaders, Wisegate CISO members face challenges promoting application security best practices given the practical reality of business today in which organizational and development team constraints exist.
“Stakeholders need to understand that there are different types of application vulnerabilities, which put the company at risk—code problems, logic errors, controls, etc.,” said Martin Zinaich, Information Security Officer at City of Tampa. “Downtime for any reason often results in revenue losses. These are real risks that executives can understand, and good governance guides them to get behind the security measures necessary to mitigate the risks.”
This report features the latest strategies from CISOs and other senior security leaders on the best ways to promote better security practices throughout the SDLC with tips on topics such as:
- Selling stakeholders on the value of security—why it’s important to paint a clear picture of security threats tied to business risks, how to present the cost benefits of baking security in early, and how to position compliance requirements to support the need for security.
- Asserting your security influence throughout the SDLC—from project scoping through to production, CISOs share lessons learned and strategies they use to increase their authority by being business enablers versus production gatekeepers.
- Preparing developers for success—baking security into the SDLC is a team effort. Learn how CISOs use resource libraries, training, control frameworks and formal processes to help developers build in the right security controls from the project start.
“Like all security leaders, Wisegate CISO members face challenges promoting application security best practices given the practical reality of business today in which organizational and development team constraints exist.” said Sara Gates, Founder and CEO of Wisegate. “Being part of the Wisegate expert network keeps senior IT practitioners on the forefront of evolving strategies and informed on which approaches their peers find effective. In-depth discussions on the challenges and strategies can be used to forge valuable inroads with colleague stakeholders.”
To request a copy of Wisegate’s case study titled “CISO Tips for Baking Better Security into Applications” please visit http://www.wisegateit.com/resources/downloads-baking-security-into-applications.
If you think you’d like to join Wisegate and meet the qualifications, go to http://www.wisegateit.com/request-invite/ and request an invitation to join.
Wisegate is a private, practitioner-based Information Technology (IT) research service for senior IT professionals that lets them tap directly into the most valuable source of technology information: the collective intelligence and experiences of their peers. Through live roundtable discussions, detailed product reviews, online Q&A and polls, and timely research reports, Wisegate offers a practical and unbiased information source built on the real-world experience of veteran professionals. Wisegate makes working in IT rewarding and fulfilling by putting technology professionals in control of valuable information.