IT-security is mature by now, sure there are still some issues and we are far away from being done, but in the past few years it-pros and security experts have been working hard on enabling it-security at a low cost. Today there are great tools for monitoring and securing networks, application issues and vulnerabilities. Cyber-security-awareness is rising, and this is great news!

BUT!

But while it-security is getting better and better these days, dev-security is lacking behind a lot. Companies focus more on making sure infrastructure is safe, then taking time to make sure software development is safe and this is because building security into software is not easy. There aren’t yet as many tools as for it-security. Knowledge on secure software development isn’t as spread as it should be. It is time for a change! Software needs to be secure by design, developers need easier ways to integrate security, services and tools are needed to provide security at a glimpse.

this is a keynote