Board consists of 14 software life-cycle professionals

November 23, 2010

2 Min Read


Nov. 22, 2010 – (ISC)2' ("ISC-squared"), the world’s largest information security professional body and administrators of the CISSP', today announced the launch of its Application Security Advisory Board (ASAB), with representatives from Asia-Pacific, Europe and the Americas.

The Advisory Board was established to recommend ways to create awareness about the problem o f insecure software and help organizations infuse security into the software development lifecycle. The board consists of 14 software lifecycle professionals of similar seniority from the ranks of leading business, public, and non-government organizations around the world, including:

  • Andreas Fuchsberger, CISSP-ISSAP, CSSLP, lecturer in Information Security, Information Security Group, Royal Halloway, University of London, and security, privacy and identity standards lead, Microsoft Corp.

    • Sharon Hagi, CISSP, CSSLP, senior architect, IBM

    • Paco (Brian) Hope, CISSP, CSSLP, technical manager, Cigital

    • Ajoy Kumar, CSSLP, vice president, JP Morgan Chase

    • Robert Lai, CISSP-ISSAP, ISSEP, CAP, CSSLP, information assurance engineer, SAIC

    • Glenn Leifheit, CSSLP, lead security consultant, FICO and ASAB co-chair

    • Anthony Lim, CSSLP, director, security, Asia-Pacific, Rational Software, Suntec

    • Alessandro Moretti, CISSP, CSSLP, executive director, IT security risk management, UBS

    • Dr. Yiannis Pavlosoglou, chair, Global Industry Committee, OWASP

    • Hart Rossman, CSSLP, chief technology officer, SAIC

    • Bola Rotibi, CEng, research director, Creative Intellect Consulting Ltd.

    • Dave Stender, CISSP, CAP, CSSLP, associate chief information officer for cybersecurity and chief information security officer, U.S. Internal Revenue Service

    • Dr. Vehbi Tasar, CISSP, CSSLP, director, Professional Programs Development, (ISC) and ASAB co-chair

    • Richard Tychansky, CISSP-ISSEP, CAP, CSSLP, information assurance engineer, Lockheed Martin Corp.

      The board held its inaugural meeting Nov. 19 in Orlando, Fla. where they discussed the state of secure software and made recommendations on, among other topics, how to gain support for and overcome the problems caused by the proliferation of insecure software. Several members hold (ISC)’s Certified Secure Software Lifecycle Professional (CSSLP') certification. The CSSLP, which recently became accredited under ANSI/ISO/IEC Standard 17024, was created to stem the proliferation of software vulnerabilities by establishing best practices and validating an individual’s competency in addressing security issues throughout the software lifecycle.

      "Software vulnerabilities are one of the most pressing issues in security today with 80 percent of attacks occurring at the application layer, and we are confident this group of elite software and security professionals will bring valuable insights and ideas as to how we as a community can have an impact on this issue," said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, executive director of (ISC).

      The (ISC) ASAB will meet virtually on a quarterly basis and in-person annually. (ISC)2 has existing advisory boards for the Americas, U.S. federal government, Europe and Asia-Pacific.

      About (ISC)2

      Media Contact:

      Mike Kilroy or Juliette Mutzke

      Maples Communications, Inc.

      (949) 855-3555

      [email protected]

      [email protected]

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights