Why security and privacy by design are not a backlog item

May 16 14:16 2018

Secure coding and security and privacy by design and by default have never been part of the software development industry in any mainstream way. You only have to look at the OWASP Top 10 to realise this, as the top items haven’t changed much over its entire existence.

While it was sometimes possible to include security requirements in the waterfall design method because an overall design view was present, Continuous Delivery and DevOps break software design up into backlog items, which has made this a lot more difficult unless it’s integrated into the entire process.

Now the GDPR comes along and may actually mandate this. But how should we really build this into the development culture?

Required audience experience

None. I will go through the basics of security and privacy by design, secure coding and also the legalities posed by the GDPR to the software design process.

Objective of the talk

To help developers and others see that incorporating these design philosophies may not only benefit the end users of their products (think of IoT devices), but also that it will not work if you don’t fully embrace it, apart from the legal requirements laid down by the GDPR.

This article was originally posted here: https://continuouslifecycle.london/sessions/why-security-and-privacy-by-design-are-not-a-backlog-item/

About Article Author

GDPR Associates