SERC Talks: How do Agile Methods Reduce Risk Exposure and Improve Security?

Presented on April 4, 2018 at 1PM ET by Robin Yeman, Lockheed Martin Fellow, Lockheed Martin (LM) Information Systems and Global Solution, Agile/DevOpSec SME

For more information on this Talk and others, please visit:

http://www.sercuarc.org/serc-talks/.

ABSTRACT: With each passing year software continues to grow and every industry regardless of their product uses software as an integral part of their value stream. That phenomenon is especially true in the government space where we deliver highly- critical systems such as aircraft, unmanned systems, missiles & guided weapons, and human space flight vehicles. Highly regulated environments not only require high quality low risk deliveries; they need to be secure. I believe using Agile methods will provide exactly that.

Depending on individual experiences and varying context some projects continue to see Agile methods as risky however various studies and journals such as IEEE have shown Agile methods to deliver results in areas of quality, cost, and schedule across the commercial and government industries. Can those same Agile practices be leveraged to improve the level of security in our systems and reduce our risk exposure while the Internet of Things (IoT) continues to expand our system attack surfaces? In this presentation, we will discuss:

- The difference between Agile and traditional Waterfall

- How Agile practices enable security to be embedded in our systems from the start

- Where security is inserted throughout all stages of the SDLC

- Define the art of the possible for the future.

Robin Yeman works for Lockheed Martin (LM) Information Systems and Global Solution in Northern Virginia as a Lockheed Martin Fellow. She has over 23 years of experience in software and IT, across multiple business areas building everything from Satellites to Submarines. She has been actively supporting and leading Agile programs at Scale both domestically and internationally for the last 15 years with multiple certifications including Scaled Agile Program Consultant, Certified Enterprise Coach (CEC), CSP, CSM, CSPO, PSM, PMP, PMI-ACP, INCOSE Certified Systems Engineer, and ITIL Practitioner. She actively coaches and trains teams through in person coaching, Agile workshops, virtual training classes. She leads the Lockheed Martin’s Agile Community of Practice and Center of Excellence, speaks at multiple conference engagements each year. Robin received her Master’s Degree in Software Engineering from Rensselaer Polytechnic Institute.