
John Wyatt

President / CEO, Cigital Inc

Biography:


John Wyatt is a 30-year veteran of the technical and business consulting industry. He has an impressive record of increasing results in growing small and medium-sized companies, process reinvention, and innovation in technology, with a string of successes going back to the late 1980s. He grew James Martin & Co. from essentially zero to $100 million, established the Commercial Intelligence division of MicroStrategy, ran OneSoft (a software company) through the tech boom and bust, and grew Ariel Research from a subscription EHS data provider into an Environment, Health and Safety outsourcer. At Cigital, John is responsible for business strategy and overall financial and operational management. So far he has grown Cigital by a factor of 5 in revenue and established it as the “go to” services firm for software security.

Contact Information:
John Wyatt
Cigital, Inc.
21351 Ridgetop Circle
Dulles, VA 20166
703/404-9293 x1215


Abstract:

BSIMM2 – The Building Security in Maturity Model


Software security has made great progress over the last decade. The Building Security In Maturity Model (BSIMM, pronounced “bee simm”) is designed to help you understand, measure, and plan a software security initiative. Of the sixty large-scale software security initiatives we are aware of, thirty—all household names—are currently included in the BSIMM study. Those companies among the thirty who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty leading software security initiatives. The BSIMM can help you determine how your organization compares to other real-world software security initiatives and what steps can be taken to make your approach more effective. The most important use of the BSIMM is as a measuring stick to determine where your approach to software security currently stands relative to other firms.