July 13, 2023 – Member meeting: Penetration Testing, William Suthers & Andy Cottrell | Putting the “T” in Trust for Transformation, Dr. Gail Ferreira

Registration required: July 13, 2023, 7:00pm – 9:00pm Pacific Time

7:00 – 8:00 PM Session One: Penetration Testing – Stories From the Field

William Suthers, Director Technical Services, and Andy Cottrell, CEO of Truvantis, share pen testing stories from the field.

William Suthers is the Director of Technical Services at Truvantis, as well as an opensource security tool developer, security researcher and security conference speaker (HushCon, DEF CON, etc.)

Andy Cottrell is the founder and CEO of Truvantis and was the co-founder and President of eRISC, a nonprofit supporting a US and UK community of banks, e-commerce sites and other financial services companies to combat online fraud. Connect with Andy on LinkedIn.

Truvantis is a cybersecurity consulting firm with comprehensive expertise in implementing, testing, assessing, and operating information security and privacy programs. We partner with our clients as trusted advisors to evaluate risks, assess compliance, propose and deploy solutions, and manage day to day security & privacy operations. Our mission is to help our clients improve their cybersecurity and privacy posture through practical, effective, and actionable programs—balancing security, technology, business impact, and organizational risk tolerance. Truvantis is also an authorized PCI DSS Qualified Security Assessor (QSA) Company.

8:00 – 9:00 PM Session Two: Putting the “T” in Trust for Transformation

Software trust breaches are in the headlines on an alarmingly regular basis. The financial penalties and reputation damage resulting from privacy breaches aim to force organizations to prioritize trust in the development of the software systems that collect, process and store data. The introduction of DevSecOps, which creates a team culture to include experts in the DevOps team is a way to deploy trusted code but is only a starting point. Larry Maccherone’s DevSecOps manifesto includes the line “Rely on empowered engineering teams more than security specialists”.

How can teams be created that embed trust as a critical agile transformation driver? Organizations such as Salesforce believe that trust is a clear value that needs to be included universally throughout the organization. DevSecOps cannot be the ultimate solution, but just a single tool to begin to solve a complex problem. Dr. Gail Ferreira will lead this workshop that will inform efforts to embed trust into agile transformation teams’ daily activities, and strengthen existing practices, where appropriate.

Learning Outcomes

  1. Discuss how “shift-left” thinking can be used for C-Level strategy mapping.
  2. Discuss how creating trust by embedding security practices into daily team practices accelerates transformation.
  3. Examine ways to remove blockers to incorporate trust into agile teams.
  4. Assess best practices for trust metrics.

Dr. Gail is a forward-thinking enterprise technology executive and strategic CISO advisor with extensive experience leading transformation from the C-level to the team level for enterprise organizations at scale. Gail is passionate about building trusted cultures and products by using cybersecurity as a technical enabler to improve flow and reduce waste.  Gail has also successfully supported high-growth startups, creating strategies for rapid acceleration and scaling of infrastructure across the organization using “shift-left” thinking for CISO workshops as well as development practices. As a recognized industry thought leader, Gail has published multiple industry publications and magazines, and has presented for large global conferences and industry organizations. Gail also supports leaders seeking to expand their thought leadership by co-publishing and co-presenting with aspiring thought leaders. Connect with Dr. Gail on LinkedIn.

Related Posts