June 17, 2014 at 6:30 PM

ISSA National Capital Chapter June meeting topic:

Scott Lehman and Tom Hallewell 

The Five Stages of Grief

How to Implement a Software Assurance Program



The Five Stages of GriefIntroducing software assurance into your in-house development projects is more a social challenge than a technical one. Elizabeth Kubler-Ross' Five Stages of Grief (Denial, Anger, Bargaining, Depression, and Acceptance) seems like an apt model for the process needed build a robust, effective secure software development program from the ground up.

We will share some of the challenges we encountered while implementing a software assurance program.  We will discuss the various stakeholders, and their varying goals, expectations, and fears.  We will present suggestions based on our experience that may help your program gain acceptance and produce more secure software.  We will briefly describe Continuous Integration/DevOps and discuss some of the security benefits – and risks – that come from this software development approach. 


About the Speakers

Scott Lehman
Scott has over two decades of professional development experience in the commercial, government and military sectors.  He leverages this experience in his current Application Security-focused role for a large Federal entity.


Tom Hallewell
Tom Hallewell has more than fifteen years experience in the Information Security field.  He has led both development and software security programs.  He is currently engaged in the implemention of enterprise identity management in a large Federal Agency.  He is also a leader in the National Capitol Chapter of ISSA.


Please RSVP if you plan to attend.
Non-members are welcome without charge! Light refreshments will be served.


Tuesday, June 17, 2014 6:30 PM

Government Printing Office
Room A138
732 N. Capitol St.
Washington, DC, 20401

Click here for details