학술논문
Essential Factors for Successful Software Security Awareness Training
Document Type
Periodical
Author
Source
IEEE Security & Privacy IEEE Secur. Privacy Security & Privacy, IEEE. 4(5):80-83 Jan, 2006
Subject
Language
ISSN
1540-7993
1558-4046
1558-4046
Abstract
As organizations flesh out their enterprise software security framework (ESSF), they quickly spot an overwhelming gap between their current state of practice and their eventual goals for building secure applications. To address this gap, the application security group must bring ESSF plans to other parts of the organization: corporate, engineering, business, training, and IT groups, to name a few. Such socialization helps organizational participants understand their role in framework adoption and roll out, and it should cover what tools people will need, how they'll interact with each other, and what levels of effort they can expect to put forth.