Silo Busting 10: Secure SDLC with Sam Rehman

The EPAM Continuum Podcast Network - A podcast by EPAM Continuum

Let’s talk about vulnerability, and not the Brené Brown sort. We mean software. Sam Rehman, our Chief Information Security Officer and SVP, says in a new #CybersecurityByDesign episode of *Silo Busting*: “Software *will* have vulnerabilities… The only question is: Can they be used?” In an informative conversation with producer Ken Gordon, Rehman argues for reconfiguring the software development lifecycle—or SDLC, as they say in the vernacular—“so that security is actually engrained into the process, not as a stop-and-go, stop-and-go method but it’s actually built in and is continuous.” Rehman believes in incessantly reassessing an organization’s threat profile, as inputs and outputs change over time. Why? The moment any organization, including yours, releases a piece of software—“That’s an entry point to the enterprise.” Rehman says that secure SDLC “is for everybody.” Question is: Is that a group to which you and your organization belong? You know the answer.

Host: Alison Kotin

Engineer: Kip Pilalas

Producer: Ken Gordon