Christian Alexander Graf – The ‘Need-to-Know’ on Cyber Security – a Lifecycle Approach [EN]
Speaker: Christian Alexander Graf
It is a well-known fact that adequate security cannot be patched-in but must be built into a product. Activities that ensure product security therefore must not only accompany the entire life cycle of that product, they also must precede it. Training of project staff in security should be completed before product development starts. Anyone who plays a key-role in the project must at least know the basics of how to develop systems with an adequate level of security. Better even, if anybody also knows how to perform role- and project-phase-specific security tasks. The A4Q Security Essentials syllabus therefore follows a life cycle approach in teaching IT-security.
The presentation addresses the general and role-specific ‘need-to-knows’ on secure development for a typical software project and gives an overview on how these are addressed in the A4Q Security Essentials syllabus and training materials.