SECURITY CULTURE AT SCALE. Building a Security Ambassadors Program

Similar documents
Fostering Grass Roots Innovation Within Adobe

Space Apps Pre-Event Meetup Planning Guide

Sponsorship Package. 3-4 February, Mcmaster Innovation Park Hamilton, ON.

Hi, I m Joey! Community Builder Entrepreneur Falafel Connoisseur.

BIG DATA REGIONAL INNOVATION HUBS & SPOKES Program Briefing

Climate Corps Fellowship Opportunities Alameda County

17 Quick and Easy Fundraising Ideas for Small Groups

CALLING ALL SPONSORS:

Security Champions 2.0. OWASP Bucharest AppSec 2017 Alexander Antukh

SECURITY CULTURE HACKING: DISRUPTING THE SECURITY STATUS QUO

The #1 Glocal Community for Corporate Innovators is now heading to. Madrid May 2018

CERTIFICATE IN DIGITAL INNOVATION

SPONSORSHIP PACKAGE JUNE 2017, Vancouver

CROWDFUNDING STAKEHOLDER TOOLKIT BUILDING YOUR COMMUNITY

Ready Children Impact Council Independent and Joint Application Comparison

Laguna Honda Lean Transformation. Laguna Honda Strategic Performance Management November 2017

SPONSORSHIP PACKAGE August 8 & 9, 2018 JW Marriott Parq, Vancouver

Youth Career Initiative

City of Vancouver Digital Strategy. April 9, 2013

Titolo presentazione Design Management, sottotitolo Innovation and Entrepreneurship

How Will We Know if Our Capacity-Building Support is Working?

Changing the World in a Company

Year in Review. (a.k.a. Annual Report)

Media Kit Coffee Shops Business Events. Trade Shows

Avanade Innovation Advisory

Connecting Commerce. Business confidence in the United Kingdom s digital environment. A report from The Economist Intelligence Unit.

Promoting Innovation: How Contests, Prizes, Challenges, and Grants Can Generate Innovative Energy

Outsourced Product Development

University of Washington Medical Center

A Decade of Experience with Community Indicators in Spokane. Measuring Flood Resilience Webinar

How Do Smart Companies Motivate Employees to Create Memorable Customer Experiences

Energy Behavior Change in the Military

BIG DATA REGIONAL INNOVATION HUBS & SPOKES

Nonprofit Founded Partner with Government. Design Services & Policy. Focus on Poor & Vulnerable

GREATER DES MOINES PARTNERSHIP

droidcon Italy FOR BUSINESS

New Brunswick s Youth Workforce

You re Invited... All the Right Moves. Positioning your practice for success. San Francisco, CA June 9 12

Business Globalization

Employee Wellness Program 2015

What is a Pathways HUB?

BSIMM7 Brings Science to Software Security

CodeSprints: Unlocking a magnetic force to attract tech talent WHAT IF HUNDREDS OF HIGHLY SKILLED ENGINEERS CAME TO YOU?

2016 Bug Bounty Hacker Report

The Basics of Lean Startup

GUIDE TO FUNDRAISING FOR ADVOCACY EVENTS

26 Nursing & Healthcare Conference

UCSF Community Fundraising Event Tool Kit

Indonesia Lecture 10 Elevator Pitch Contest

Sylvia Deporto. Stephanie Romney, PhD. Judith Baker, MA. Deputy Director, San Francisco Human Services Agency. Director, Parent Training Institute

Pond-Deshpande Centre, University of New Brunswick

Copyright Wadhwani Foundation. NEN Ecosystem : Review Feb 10, 2017

ACCELERATING CONNECTION

ebook 6Six Steps to Developing a Successful Clinical Smartphone Strategy

New Initiatives in the Army Green Procurement Program

ITS New Zealand Strategy and Business Plan 2018/19

Mobile Innovation Summit

ADOPT A CHARITY SCHEME

Health Education Administration s Public Health Education Collaborative

PLANNING ACCELERATOR

Oregon s Health System Transformation & The Innovator Agent Role

HOW TO WRITE SUCCESSFUL GRANT PROPOSALS

Delivering on A Promise to Learn A Commitment to Act. The National Patient Safety Collaborative learning event

Using Social Media to Support Fundraising Efforts/Campaigns CASE Online Solutions Showcase May 2014

Collaborative and Innovative Leadership Models. Phantane J. Sprowls, Program Analyst Office of Nutrition and Health Promotion Programs May 24, 2016

Lean startup in ehealth

Space Portfolio. INNOVATION NEEDS SPACE. Book our creative spaces for your meetings, workshops & events.

Presents the Game Plan for Higher Ed. Higher Ed Kickoff Meeting Workbook

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

September Sub-Region Collaborative Meeting: Bramalea. September 13, 2018

Selecting Measures. Presented by: Rebecca Lash, PhD, RN Collaborative Outcomes Council July 2016

2013 GOALS & PROGRESS

Leveraging the Microsoft Azure Cloud How your VAR can help?

Laying the Foundation for Successful Clinical Integration

4th CALL FOR PROPOSALS

Rapid Cycle Improvement

What. Make it eazy! Accommodation Work Services Tours. Courses Au Pair Packages

ADAM S. JURATOVAC Media Kit

Unemployed Long Term, Not Unemployable

Start Small, Think Big! Fusing Clinical & Business Metrics to Improve Quality & Effect Change. 44 accc-cancer.org July August 2016 OI

About Core Volunteers

Innovating with the System Operator

U.S. Chamber of Commerce 1615 H Street NW Washington, DC INTERNSHIP PROGAM

Regional Alumni Clubs Volunteer Handbook

Terms of Reference. Digital Fundraising Consultant. Private Sector Partnerships Service (PSP), UNHCR London, UK

What is a TM Forum Catalyst Project?

INDIANA UNIVERSITY SCHOOL OF INFORMATICS AND COMPUTING CORPORATE PARTNERSHIP & OPPORTUNITY GUIDE

AIESEC United States SUMMER NATIONAL CONFERENCE 2011 Chicago, IL

Company Overview. Copyright 2014 Accenture All rights reserved. 1

HERE COMES THE REAL THING THE ABM INNOVATION SUMMIT

3. Reporting. Goal. Communicate the results and achievements of employee conservation initiatives to participants, and inspire others to join.

SCAMPI B&C Tutorial. Software Engineering Process Group Conference SEPG Will Hayes Gene Miluk Jack Ferguson

GRANT WRITING: GETTING THE MOST OUT OF YOUR PROPOSAL

We re looking forward to receiving your application!

Maximizing Giving Days and Ensuring a Successful Year End Giving Initiative

Introduction. It s a shame that a zip code can determine someone s life expectancy by 20 years! It all begins May 1st!

Smart Energy Customer Engagement Success Stories. December 12, 2017

Sponsorship Prospectus

2017/ /20 SERVICE PLAN

FP&A for High-Tech Summit

Transcription:

SECURITY CULTURE AT SCALE Building a Security Ambassadors Program

WHO ARE WE? Cassie Clark, Sr. Security Community Strategist - Salesforce Julia Knecht, Manager, Security and Privacy Architecture - Adobe Jessica Chang, Security Culture Lead, Trust and Security - Dropbox Christine Keung, Chief of Staff to the General Counsel - Dropbox

WHAT PROBLEM ARE WE TRYING TO SOLVE? As companies grow How do we keep security top of mind? How do we scale security effectively?

SECURITY CHAMPIONS / AMBASSADORS PROGRAMS Definition: A network of volunteers embedded throughout your organization that help spread your message and provide information. (Hint: We may have heard this from Lance!) Why is this important? Is this right for your company?

BRANDING YOUR CHAMPIONS PROGRAM Brainstorm: Synonyms for people who might defend/secure...stuff Champions Ambassadors Sentinels Knights

NAMING EXERCISE 5 mins - What do we want people to think when they hear security? 3 mins - What words / associations would we like to avoid? 10 mins - Share ideas on the whiteboard 10 mins - Whiteboard groupings based on common themes 10 mins - Narrow down and decide!

COMPANY INTROS

DROPBOX Size: 1,700 FTEs Geographic spread: Global, major offices in San Francisco & Dublin Org structure: Legal Trust & Security Program scope: Security culture program launched in 2016 Champions program in development Our program: (wait for it )

15,000 FTE s Major offices around the world

ADOBE

SALESFORCE Size: 25,000+ FTEs Geographic spread: Over 60 offices worldwide Org structure: Tech & Products Infrastructure Security Program scope: Mature for R&D/Product side, full rollout coming to Infrastructure and acquisitions Program size: Over 250 developers/engineers and growing!

IDEATION TO PROGRAM Dropbox: Security culture program Champions program in development Adobe SPLC + Champs Salesforce Piloted in 2013, full launch in 2016 50 Champions to 250 Champions...and more!

ENGAGING OUR CHAMPIONS

TRAINING + COMMUNITY Training + community = engaged Champions! Training provides tools to do effective work Community motivates Champions Champions scale security for you!

TRAINING Customized team-specific trainings Instituted and supported by our Champions Stories and anecdotes are powerful!

COMMUNITY Community is multifaceted Relationship-building Incentivization and engagement What we ve done Community mascot + branded swag Champions-only internal channel CTF Hackathon Happy hours, scavenger hunts, etc.

EVENTS Champ Summit Hacker Village Product Security Summits CTF Hacktoberfest

METRICS

YOUR TURN! Brainstorm: What are some possible metrics for your program? Things to think about: Goals/objectives? Challenges? Problem(s)? Activities/training? How will you know participants are engaged?

IMPACT METRICS: ENGAGEMENT Attendance at events (in-person and streamed) Participation in activities Understanding of security issues Level of engagement Response to surveys Communication between Champions + Security team

IMPACT METRICS: TRAINING Number of trained Champions Results from quizzes/assessments Baseline Post-training

IMPACT METRICS: SECURE DEVELOPMENT LIFECYCLE

CHALLENGES

CHALLENGES

LOGISTICS

LOGISTICS What you ll need: Program plan Leadership buy-in Roles and responsibilities Time Staff time Champion time Space and logistics Pilot program

TIME AND RESOURCES

BUDGET Items to include: Training materials and curricula, especially if external Events/activities Incentives/swag Catering Logo/graphic design Staff time No budget? Consider Recognition is free! Build those relationships with Champions and Security Partnering with other teams/departments

HOW CAN I TAKE ACTION?

TAKEAWAYS Secure leadership buy-in Build program plan Identify a sponsor Define responsibilities Launch pilot = iterate! Evaluate And launch!

QUESTIONS?

Cassie Clark: cassie.clark@salesforce.com Julia Knecht: jknecht@adobe.com Jessica Chang: findjess@dropbox.com Christine Keung: ckeung@dropbox.com THANK YOU!

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback