Watch Chris Alberts discuss the importance of developing security requirements in the same time frame as functional requirements.
Christopher Alberts is a senior member of the technical staff in the Acquisition Support Program at the Software Engineering Institute, Carnegie Mellon University. He is currently developing methods for managing systemic risk during the development and operation of software-intensive systems and systems of systems. Prior to this work, he co-developed the OCTAVE® approach for managing information security risks and the Continuous Risk Management methodology for managing software development project risks. He has co-authored two books, Managing Information Security Risks: The OCTAVESM Approach (Addison-Wesley 2002) and the Continuous Risk Management Guidebook (Software Engineering Institute 1996).