The Application Security Podcast

Alex Olsen -- Security champions, empowering developers, and AppSec training

Dec 20, 2022
Alex Olsen, Cyber Security Consulting Group leader at Rakuten's Cyber Security Defense Department, discusses security champions, democratizing application security, implementing a security champions program, onboarding process, connecting volunteers to the community, scope, cost, and effort in a security champions program, keeping a champions program engaging, and sharing experiences on security champions and AppSec training.
ANECDOTE

Revamping Security Champions Program

  • Alex revamped Rakuten's existing but immature security champions program to assign one champion per development team.
  • This mandatory assignment ensured every team had a security champion, boosting ownership and communication.

ADVICE

Onboard Champions to Engage Them

  • Provide good onboarding, orientation, and face-to-face connection to new security champions.
  • Pull them into community channels with open communication to keep them engaged and contributing.

ADVICE

Keep Champions Meetings Dynamic

  • Rotate internal security teams to present quarterly in champions meetings to maintain varied, interesting content.
  • Encourage security champions to share team initiatives to foster collaboration and continuous learning.