search menu icon-carat-right cmu-wordmark

Agile Cybersecurity

July 2020 Podcast
Carol Woody, PhD, Will Hayes

Dr. Carol Woody and Will Hayes discuss an approach that allows organizations to integrate cybersecurity into the agile pipeline.

“If it is not secure, if it is not high quality, then you are not delivering value. You are not increasing the speed at which needs are being met.”

Publisher:

Software Engineering Institute

Subjects

Listen

Watch

Abstract

Software development is shifting to incremental delivery to meet the demand for software quicker and at lower costs. With the current cyber threat climate, the demand for cybersecurity is growing but existing compliance processes focus on a completed product and do not support incremental delivery.  Cybersecurity must be carefully woven into each increment deliver results with sufficient security and quality. Previous SEI research has shown that improved quality results in improved cybersecurity. In this SEI Podcast, Dr. Carol Woody and Will Hayes discuss an approach that allows organizations to integrate cybersecurity into the agile pipeline.

 

About the Speaker

Carol Woody, PhD

Carol Woody, PhD

Dr. Carol Woody has been a senior member of the technical staff since 2001. Currently she is the technical manager for the Cyber Security Engineering (CSE) team, whose research focuses on meeting the ...

Dr. Carol Woody has been a senior member of the technical staff since 2001. Currently she is the technical manager for the Cyber Security Engineering (CSE) team, whose research focuses on meeting the challenges of cyber security in acquisition, system and software engineering.  CSE is building capabilities in defining, acquiring, developing, measuring, managing, and sustaining secure software for highly complex networked systems as well as systems of systems.

Woody is an experienced technical researcher whose work has focused on government agencies, higher education, and medical organizations. She has helped them identify effective security risk management solutions, develop approaches to improve their ability to identify security and survivability requirements, and field software and systems with greater assurance.

As a consultant for ImageWork Technologies Corp., Woody managed the user testing for CITYTIME, a timekeeping application being developed for New York City. She also consulted with the Queens County District Attorney's Office of New York City to design and implement an electronic document management system. New York City's Administration for Child Services chose her to integrate financial information among state, city, and agency financial systems and also to construct a financial data warehouse and implement web-enabled processes for managing social service payments. As project manager at Yale University, Woody served as architect and implementing project manager for an integrated ID card solution, developed technical specifications and assisted users in vendor review and selection for a procurement package, designed and implemented expert system technology for distributed data collection, and managed a team of technicians supporting the financial operations of the university.

Woody holds a PhD in information science from Nova Southeastern University, an MBA from Wake Forest University, and a BS in mathematics from William and Mary.

Contact: Carol Woody

Read more
Will Hayes

Will Hayes

Will Hayes is a principal engineer and Agile Team Lead at the SEI. Hayes currently supports major programs in the Department of Defense and other government agencies that acquire software from contractors ...

Will Hayes is a principal engineer and Agile Team Lead at the SEI. Hayes currently supports major programs in the Department of Defense and other government agencies that acquire software from contractors applying Agile methodologies. He helps programs devise effective ways to interact with developers using these new methods, and to apply necessary due diligence (e.g., exercise oversight, report metrics and incentivize desired performance) in ways that support –rather than hinder– successful use of Agile methodologies. While at the SEI, Hayes has supported  numerous commercial, government, and defense organizations, providing consultation and coaching for a wide range of roles from engineers to CEOs.

Read more