You’ve read Start with Security: A Guide for Business, the new brochure about the FTC’s 53 data security settlements. You’ve digested the lessons learned from those cases. The next step: applying them at your company. The FTC has an easy way to get the ball rolling.
Attend the Start with Security conference on September 9, 2015, in San Francisco, hosted by the FTC and the University of California Hastings College of the Law.
The FTC just issued the agenda for the kick-off of this business education initiative. Each Start with Security event will feature a slightly different focus and the topic on the table in San Francisco is the data security landscape for start-ups and developers. The agenda is packed with names you know, offering their first-hand experience with integrating security into the application development lifecycle.
After keynote remarks from FTC Chairwoman Ramirez, Panel 1, Starting Up Security: Building a Security Culture, will explore the ground-floor steps essential to setting the tone throughout your business. Focusing on some of the most common design flaws and vulnerabilities, panelists will discuss techniques for training developers and ensuring secure coding practices.
So your start-up has hit hockey stick growth, and you’re hiring new engineers and shipping code on a daily (or even hourly) basis. In that pressure-cooker atmosphere, how do you keep security testing at the forefront? That’s the subject of Panel 2, Scaling Security: Adapting Security Testing for DevOps and Hyper-growth.
Next on the agenda is a fireside chat between FTC Chief Technologist Ashkan Soltani and Arun Mathew of Accel Partners. Their topic: Investing in Security.
The conversation will then turn to how to respond effectively when hackers find bugs in your products. From basic triage to bounty programs, Panel 3, Bugs and Bounties: Vulnerability Disclosure and Response will consider how start-ups can manage, address, and learn from vulnerability reports.
Panel 4, Beyond Bugs: Embracing Security Features will delve into site-wide SSL, content security policy, multifactor authentication, and other features your company can implement to protect consumers from threats proactively and help eliminate entire classes of vulnerabilities.
The September 9th Start with Security event is free and open to the public. (And did we mention there's lunch?) There’s no need to pre-register, although seating is first-come-first-served. Start with Security kicks off at 10:00 at Hastings’ Alumni Reception Center, 200 McAllister Street in San Francisco.
Also, mark your calendar for November 5th when the Start with Security road show moves to Austin. More on that event soon.