It is a common illusion that Product Managers in the current reality, can continue working to define products, without thinking about security aspects, and that this can be done at a much later stage in the product lifecycle. How can we turn the Product Manager to be a real security ambassador?
We’d like to show how a very comprehensive security program, managed by a dedicated security office in cooperation with a professional Product manager, can raise the “security organizational conscience” and can successfully integrate in security aspects in every product, with emphasis on agile development lifecycle! The uniqueness and innovation of our topic, is the attempt to break this illusion, explain how important it is to change the product development culture and mindset starting from Product managers and then percolate it to the product development teams themselves. We would like to propose a process\technique to bring security to the most early stages of product lifecycle and definition, starting from the planning stages, there for implementing the well-known “shift left”, which is impossible without full cooperation of end to end functions within the organization. We believe the Product managers should be the pioneers to start a more “security driven product management” approach, leading to better and secured products, in a world of cyber security growth and Big data sharing and analytics, which cannot survive without security elements intact as the basis of every product design and architecture. We will address the security from the process point of view and from the content point of view. We want to provide a real example illustrating why, when and how the changes should happen.
Elena Kravchenko is Micro Focus (former HPE Software) Security Lead of Application Delivery Management (ADM) Business Unit; 25+ years of software engineering , last 4 years in product security; MSc in Applied Mathematics from Leningrad State University
Efrat Wasserman is a Product Manager in Intel; 7+ years in Software Development, Program management, last 2 years in Product Management; BSc in Computer Science and Mathematics; MBA in Business Management and Marketing