To main content

Care and Feeding of Your Security Champion

Abstract

In agile software development, adoption of security
practices poses challenges, often because security activities are not prioritized, or because the practitioners are not able to see the relevance and importance of the activities to the improvement of the security in the project. In many teams, security activities can be seen as an innovation and as such, there is a need for a champion to realize these innovations in the teams. Security champions make software security possible. Even though all developers need to know a minimum of software security, every team needs someone to lean on when the ride gets rough – and that person is the security champion. In this paper we present the results of a case study with security champions and possible steps for establishing and maintaining this role in agile teams.
Read publication

Category

Academic chapter/article/Conference paper

Client

  • Research Council of Norway (RCN) / 247678

Language

English

Author(s)

Affiliation

  • SINTEF Digital / Software Engineering, Safety and Security

Year

2021

Publisher

IEEE conference proceedings

Book

2021 international conference on cyber situational awareness, data analytics and assessment :CyberSA 2021 : Trustworthy and transparent AI

ISBN

978-1-6654-2529-2

Page(s)

63 - 69

View this publication at Cristin