Architecture at Scale - Save time. Reduce spend. Increase security.

Presented at DerbyCon 7.0 Legacy (2017), Sept. 23, 2017, 10 a.m. (25 minutes)

An effective security architecture program must establish a framework to correlate security between operations, development, and the business. It must be agile to support devops, visionary to support strategy, and reasonable to support adoption. This talk will detail the building blocks required to develop and implement an architecture program that will output artifacts for technical engineers through executive leadership. The automated framework will identify technology overlap, highlight unbalanced spend, and measure the maturity of security control domains. Upon completion of the talk, an architecture tool will be released to support and automate the correlation of the architectural components, leading to continual security program maturity. Ryan Elkins is the director of cloud and application security architecture at Eli Lilly and has over 10 years of security experience across the financial, insurance, and pharmaceutical industries. Elkins has extensive experience with application and cloud security, penetration testing, monitoring and incident response, program leadership, and enterprise architecture. Elkins holds the CISSP and CCSP certifications and has a master’s degree in Information Security from Nova Southeastern University. @the_ryan_elkins

Presenters:

• Ryan Elkins

Links:

• https://www.derbycon.com/saturday-schedule/#event-141
• https://infocon.org/cons/DerbyCon/DerbyCon 7 2017/Architecture at Scale Save time Reduce spend Increase security Ryan Elkins.mp4

Similar Presentations:

• DerbyCon 7.0 Legacy (2017) / Run your security program like a boss / practical governance advice
• AppSec USA 2015 / Ah mom, why do I need to eat my vegetables?
• AppSec USA 2015 / Security as Code: A New Frontier