Forum News

Is Your Project Vulnerable?
Reducing Security Risks with SSDLC

On May 4th, 2015, The NYS Forum Project Management and Information Security Workgroups hosted an event discussing Web Security and combating security risks with Secure Systems Development Lifecycle (SSDLC).

The Monday afternoon event at the Albany Marriott titled "Is Your Project Vulnerable? Reducing Security Risks with SSDLC", featured a diverse panel of experts: Deborah Snyder, NYS Office of Information Technology Services (OITS), Scott Rogler, NYS Engineering for the NYS Enterprise Information Security Office (EISO), Russell Kiernan, QED National, Nancy Mulholland, NYS Office of Information Technology Services (OITS), and Sara Holmberg, NYS Office of Information Technology Services (OITS). The session was kicked off by Charles Nagy, PMP NYS Office of Information Technology Services who gave a brief overview of the topics to be discussed and introductions.

Presenting were Scott Rogler, NYS Engineering for the NYS Enterprise Information Security Office (EISO) and Russell Kiernan, QED National who both discussed in detail the steps that were/are taken to combat data breaches and other forms of security risks within NYS and the Private Sector. Both cited numerous real life examples on how SSDLC was implemented within their own practices and their experiences and challenges that they had faced. Both went into deep detail discussing the Secure Systems Development Life Cycle (SSDLC), the security activities involved with SSDLC, and how SSDLC was built into NYS/Private Sector systems to counter risks and aim to prevent any repercussions to the success of projects.

Following the presentations, there was an active and dynamic Q&A/Open Discussion session where the entire panel joined in to field questions and provide answers from the audience. The panel of experts discussed their diverse experiences in Security management and fielded questions and thoughts by the audience members. The audience seemed to have gained valuable information following the discussion. One attendee stated that the presentations/panel were "helpful by providing a case study perspective that made the theory and mandates real".

The presentation and reference materials may be viewed at:
http://www.nysforum.org/events/5_4_2015/.

Thanks to all of those who attended and presented.

Is Your Project Vulnerable?