https://securedelivery.io/tags/security-product-organisations/Recent content in Security, Product, Organisations on Secure DeliveryHugo -- gohugo.ioen-usMon, 29 Jun 2020 08:30:08 +0100https://securedelivery.io/articles/building-a-culture-of-quality-not-just-security/Mon, 29 Jun 2020 08:30:08 +0100https://securedelivery.io/articles/building-a-culture-of-quality-not-just-security/In my previous article I covered how security is just one aspect of the quality of the applications you’re building. Today I’d like to focus on the process of building high quality systems and, in a startling break with tradition, actually define what culture is so that we can talk meaningfully about culture change. Let’s remind ourselves of the standard for software quality from ISO 25010: It never makes sense to talk about “building a culture of security”.https://securedelivery.io/articles/number-of-data-breaches-is-not-a-good-security-metric/Thu, 18 Jun 2020 11:30:08 +0100https://securedelivery.io/articles/number-of-data-breaches-is-not-a-good-security-metric/Ok, of course it’s not. Does this feel familiar though? Budget gets allocated to cybersecurity Cybersecurity activities happen Everyone is reasonably happy, except the application delivery teams having cybersecurity activities done to them Terrible news - a data breach! PANIC Budget gets substantially increased for cybersecurity Substantially more cybersecurity activities happen Everyone is reasonably happy, except the application delivery teams having substantially more cybersecurity activities done to them Terrible news - a data breach!