Brad here. With the Microsoft Security Development Conference coming up on May 14th and 15th, in San Francisco, I want to take a minute to talk about my plans for the week.
On Tuesday, May 14th, at 3:00 p.m., I’ll present the topic “Never Waste a Crisis: Take 2. ” This presentation is based on the original one I gave at the RSA Conference in 2012, sharing some lessons on how to prepare for a crisis and what to do to ensure you leave your software security program in a stronger position once it’s all over. This time, I’ll talk about how we put these lessons to work with respect to another crisis: the inappropriate use of a code signing certificate which happened at Adobe in September 2012. In this second take on the topic of crises, I’ll grade my own advice — and my own performance at following that advice — with lessons learned from the code signing incident.
Then on Wednesday, May 15th at 9:45 a.m., I’ll present a keynote on: “Accepting Defeat: Changing the Battle Plan.” I’ll talk about how to acknowledge when the current approach to a problem isn’t working, abandoning a long-standing strategy and looking for new approaches. I’ll give two examples of how this worked for us at Adobe.
If you haven’t registered yet for the Microsoft Security Development Conference, I encourage you to go ahead. You can use this discount code: ADB@SDC!@
I’m looking forward to catching up with everyone who plans to attend. See you there.
Chief Security Officer