Content

Software-coding inefficiencies to be addressed at SC World Congress

Whether it is a rush to market, insufficient training or just plain sloppiness, software-coding processes all continue to need improvement and monitoring, say experts. Who do we hold accountable and how, they ask? What can end the cycle of vulnerabilities due to coding errors?

A panel of experts will address how to stop vulnerabilities due to coding errors at next month's SC World Congress. The panel, The key to secure coding: Secure code, takes place on Tuesday, Dec. 9 at 1:45 p.m., and panelists include Manoranjan (Mano) Paul, software assurance advisor for (ISC)2; Paul Kurtz, executive director, Software Assurance Forum for Excellence in Code (SAFECode); and Joe Jarzombek, director software assurance, Department of Homeland Security. Dan Kaplan, senior reporter, SC Magazine, will moderate.

Mano Paul“Software security is a confluence of people, process and technology from the boardroom-to-the-builder, from the client-to-the-coder, from requirements to release,” Paul (left) says. “It is about managing risk and creating a culture that inherently yields hack-resilient software implementing secure processes and technologies by trained people, aimed at providing solutions to meet business needs.”

Paul's information security and software assurance experience includes designing and developing security programs from compliance-to-coding, security in the SDLC, writing secure code, risk management, security strategy, and security awareness training and education. He founded and serves as the CEO & president of Express Certifications.

As well as serving as executive director of SAFECode, Paul Kurtz (right) is a partner at Good Harbor Consulting. He is a recognized expert on cybersecurity and served in senior positions on the White House's National Security and Homeland Security Councils under Presidents Clinton and Bush. Paul Kurtz

Joe Jarzombek is the director for software assurance on the National Cyber Security Division within the U.S. Department of Homeland Security. His efforts there involve leading government interagency efforts with industry, academia and standards organizations.

Jarzombek (left) points out that his goal is to shift the security paradigm away from patch management by addressing security needs in workforce education and training. He also advocates more comprehensive diagnostic capabilities and security-enhanced development and acquisition practices.

About the SC World Congress

To keep today's companies and organizations secure requires up-to-the-minute information about current threats to the corporate environment, best practices and optimum solutions. The inaugural SC World Congress offers attendees the opportunity to become better informed, while at the same time providing a hands-on sampling of state-of-the-art technologies and services being used to thwart the increasing range of threats trying to interfere with business operations and abscond with corporate and customer data.

Located in New York, the largest concentration of corporate headquarters and federal and local government offices in the United States, the SC World Congress is the only dedicated IT security event focused on providing the latest solutions and inside information to help IT & data security professionals do their jobs better.

The inaugural SC World Congress takes place Dec. 9 to 10 in New York City's Javits Convention Center.

For a complete schedule of events, and to register, please click here.



Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.