Given the importance that eLearning plays in developing secure software, this ebook provides an overview of our research into AppSec training approaches. Findings include “deep dives” into budgeting, training challenges, time consuming elements, how best to reinforce AppSec eLearning, and the value of accreditation to individual contributors, managers, and organizations.
Most developers involved in product builds believe their companies to have a mature security posture but nonetheless struggle to keep up to date with growing regulations and compliance requirements. On the cybersecurity front, developers view automated modeling, integration with other tools, and matching the speed of new threats that emerge as all highly important. Security must start with design and remain a critical element at each stage of the SDLC.
Over 90% of mid-market companies that develop software are interested in solutions that automate proactive security and compliance processes.
Companies looking to accelerate their software development in tandem with stronger cybersecurity compliance measures are looking to just-in-time training (JITT) for their software developers and automated built-to-purpose cybersecurity software for accomplishing these goals.
The TrustArc Global Benchmark report provides a 360 view of how enterprises manage data protection and privacy. Feedback came from senior leadership inside the privacy office and privacy team members. We also comprehensively surveyed senior executives, middle management, and non-managerial full-time employees. For the 3rd year running, insights are provided on current privacy challenges and global privacy trends.
This year-end summary highlights four primary research studies Security Compass commissioned in 2021 on topics in Cybersecurity, covering DevSecOps, Cloud Adoption, Threat Modeling, and the US DoD. The research was conducted independently by Golfdale Consulting, Inc.
The report quantifies the challenges and opportunities being confronted by US government agencies at the federal, state and local levels. Software development methods, security expertise, developer controls and mitigations, communication approaches, and current approaches to ATO compliant software development are explored.
To understand the current state of threat modeling and the challenges large enterprises encounter with the applications they build and deploy, Security Compass commissioned a comprehensive study on the topic.
Public trust and confidence in data and privacy rights is not just good for consumers but it is also good for businesses. Governments that adopt a “privacy is a human right” lens to their privacy reforms will not only empower their citizens but will also propel their businesses to be more competitive in the digital age. Doing so in a coordinated manner across jurisdictions will help with speedy uptake of new requirements and compliance, while avoiding consumer confusion.
Privacy leaders across the industry know that there’s a shift happening in who supports privacy and how it’s adopted across the enterprise.
In Part 1 of our Cookie Consent and Privacy blog series, we explored the industries with a history of consent and the lessons learned from their implementation. We proposed the hypothesis: specific industries that existed well in advance of the hyper digitalized world we live in today are well-practiced at working through consent issues. We hope you enjoy Part 2 of this series, where we analyze the connections between cookie consent, brand trust, and revenue. In Part 3, we further explore and provide examples of informed consent.
