For this week’s “In the News”, research an article dealing with how secure code development practices (or lack thereof) affected a major software project; was the project more or less successful as a result?
For this week’s Discussion, we consider Application (Software) Development. Answer at least one of the following questions:
- During which phase should Information Security be included? How would you explain to someone that Information Security has a role without a finalized product yet?
- Choose one of the popular software development methodologies, such as Scrum, Agile, or Waterfall; how does the choice of the methodology affect Information Security concerns?
For this week’s “In the News”, research a recent article that relates how an organization was benefitted by their business continuity program, or suffered due to the lack of an adequate program? What are the key lessons learned from the article?
Answer one of the following questions:
- Considering that business continuity does not support day-to-day operations until a crisis situation, how does one justify the design, implementation, maintenance, and testing for business continuity system(s)?
- When using third-parties, how would you gain adequate confidence in their ability to maintain availability for their systems? What techniques or solutions would you use?
For this week’s “In the News”, perform research on one of the following:
- new testing requirements (e.g. SSAE18 SOC1 or SOC2)
- new testing requriements put into place due to regulations
- how security assessments and testing integrates with other domains, such as cloud network architecture, or software development lifecycle?
As you read about security assessments, what can you conclude from this week’s readings about:
- How often security assessments should be performed?
- Are there factors that would decide how often you would perform these assessments?
- Conditions that might alter that schedule?
- What security assessments are most essential?
For this week’s “In the News”, research an article that centers around how identities were compromised to provide access, or how an account that was otherwise authorized was then used for unauthorized purposes.
For this week’s Discussion, consider that you want senior management to support a new Access Management program at your organization. While this may involve technology-based solutions, your budget may be limited and it is therefore essential that senior management provide support and encourage efficient use of the resources that the organization already has.
- Why is access management critical to today’s enterprise?
- What benefits does an enterprise gain from proper access management?
For this week’s “In the News”, research a new technology solution, or new method to utilize a previous technology, to address Communications and Network Security. How does this solution or application revolutionize networks? If this is particular to certain industries, please also include that detail.
When designing a network for an organization, what are the key considerations that should be factored into the design? Why do you recommend those considerations? Also consider how you would address the inevitable situation of scarce resources; how would you prioritize?