In this role, Clarke will work closely with Veracode’s Federal Advisory Board and the company’s senior management team to elevate awareness of the risks that insecure software pose to national security. Through his extensive cyber security knowledge and public sector relationships, Clarke will enable Veracode to expand its reach in the federal market while enabling current customers to better prepare for and assimilate evolving federal cyber security guidelines.
“High profile attacks against Sony, Google, RSA Security, Epsilon and hundreds of others have exposed the soft underbelly of vulnerable software. We share Richard’s publicly-stated concern that the threats to our core infrastructure will only worsen if tackling the issue of insecure software doesn’t become a priority for corporations and government alike,” said Maria Cirino, chairperson, Veracode Board of Directors, and managing director, .406 Ventures. “We’re thrilled to be teaming with Richard as we work closely with federal agencies and corporations around the world to develop and improve national information security policies and procedures— while simultaneously helping our customers adhere to advanced federal IT security regulations such as the proposed FISMA reforms.”
President Barack Obama recently announced plans for comprehensive cyber security reforms across federal agencies and networks and released a proposal to reform the Federal Information Security and Management Act (FISMA), which regulates internal government cyber security. These initiatives increase the sense of urgency to adopt services like Veracode’s in order to accurately verify software application security. Specifically, the Veracode platform can be leveraged to support FISMA 2.0 reforms that call for implementation of a federal agency information security program that continuously monitors information systems, runs application security testing, and ensures policies and procedures are followed.
“Joining the Veracode Board of Directors allows me to contribute to an innovative, rapidly growing company that is well-positioned to address evolving federal regulations and guidelines like FISMA 2.0. Veracode takes all the excuses for better quality software off the table—it’s automated, comprehensive and it doesn’t require organizations to expose their source code,” said Clarke. “Veracode provides an advanced solution to one of the greatest security risks in the cyber threat landscape today. It’s one of the first and best end-to-end assessment services I’ve encountered—finally allowing organizations to get their arms around their software vulnerabilities in a cost-effective way. I look forward to helping influence Veracode’s rapid growth as it works to stem the dangerous tide of insecure software.”
About Richard A. Clarke
Clarke, the author of Cyber War: The Next Threat to National Security and What to Do About It, spent his last year of public service in the George W. Bush Administration focusing on cyber security and the threat of terrorism against the critical infrastructure of the United States. He served for eight years as a special assistant to President Clinton and served as national coordinator for Security and Counterterrorism for both President Clinton and President George W. Bush. Clarke began his federal service in 1973 in the Office of the Secretary of Defense. In the administration of President Ronald Reagan, Clarke was the deputy assistant secretary for Intelligence. Clarke is currently the chairman and CEO of Good Harbor Consulting, a strategic risk management consulting firm that provides physical and cyber security solutions for clients worldwide.
Veracode is the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide including Global 2000 brands such as Barclays PLC and Computershare as well as the California Public Employees’ Retirement System (CalPERS) and the Federal Aviation Administration (FAA). For more information, visit www.veracode.com, follow on Twitter: @Veracode or read the ZeroDay Labs blog.