How to Build a Security Team and Program

Presented at BSidesSF 2017, Feb. 12, 2017, 4:10 p.m. (30 minutes)

I will share how I was able to build a security team and program from scratch at Twilio, an SF startup that just recently went IPO.  I will be telling war stories that demonstrate what problems they will face and how I was eventually able to overcome them (hint: it wasn't easy, but I'll be giving up my secrets).  At the end of the presentation, the security practitioners in attendance will have a guide they can use when trying to accomplish the same thing at their own company.  Ultimately, we're all on the same side, and if I can give security practitioners an advantage with my experience, I sure will.

Presenters:

• E. Coleen Coolidge
  I started out in security because I wanted to influence how people's personal information was protected. Every customer deserves to have a Security organization who's advocating for the protection of their data. Data is everything: it's our credit, it's our medical history and it's our private moments. Customers shouldn't have to worry that every time they give sensitive data to a company, their information is misused or at risk of being stolen. When on the learning path about security, I've practiced security in different environments: t data providers, mortgage companies and Bay Area startups. I've worked for managers who taught me valuable lessons that I've passed along to security teams I've lead.

Links:

• https://bsidessf2017.sched.com/event/9IKw/how-to-build-a-security-team-and-program

Similar Presentations:

• LocoMocoSec 2019 / SDL at scale: growing security champions
• 44CON 2016 / Frictionless Security
• BSidesLV 2016 / Pushing Security from the Outside