2 days workshop on ‘Privacy in software development lifecycle (SDLC)’ with Anil Lole

2021-07-12 08:56:08

 We are pleased to present a 2-days workshop on ‘Privacy in software development lifecycle (SDLC)’ with Anil Lole – Associate Director – Information Security & DPO at BlueConch Technologies.

Register Now

Workshop Coverage:

• Data Privacy and worldwide legislations
• What is Data Privacy V/S Confidentiality?
• Privacy in SDLC
• Cloud-Native Applications
• Challenges for Developers
• Top privacy risks
• Risk Management in SDLC
• SDLC and OWASP Top 10 (Coding, Testing, API, Cloud)
• Threat Modelling, Secure Coding, Security Testing
• Verification standards
• Software Assurance and maturity

What to expect from this Workshop?

1. Privacy requirements from Application Development Teams
2. Understanding the Privacy & Security risks
3. Threat Modelling, Secure Coding, Security Testing
4. Privacy Risks and countermeasures
5. Software verification requirements
6. Risk Management in SDLC
7. Software Assurance and Maturity

About the Speaker: Mr. Anil Lole: Associate Director – Information Security & DPO.

Working at BlueConch Technologies (Earlier it was Xpanxion International Pvt. Ltd.) for last 14 years.

(BlueConch Technologies ranked among the top 3 companies in India in a recently held DSCI Annual Information Security Summit under the category ‘Best Privacy Practices in IT/ITeS Companies’)

Working in the capacity of CISO and DPO and is responsible for Information Security & Data Privacy of India & overseeing US Operations.

• Established best practices for secure coding, security testing, threat modeling, and security in Project Management for delivery team and clients.
• Implemented secure SDLC best practices.
• Institutionalized OWASP Top10 and SANS Top 25 vulnerabilities guidelines for Developers and QAs.
• Implemented automated secure code review (SAST) using SonarCube, and security testing with Zap.
• Set up best practices for security awareness, risk assessment / treatment methodology for all corporate functions and client projects.
• Designed and implemented Secure ODCs for large customers in healthcare & financial domain.
• Supporting Delivery and Contracts/Legal team in understanding clients’ security & privacy requirements and adhering to contractual obligations captured through MSAs & SOWs.
• Ensuring security measures and safeguards are put in place to client specific security risks.

Overall Experience and Highlights:

• 22+ years of hardcore Information Technology personnel being responsible for aligning IT Services with business needs by applying required technology, process, and people skills.
• The experience includes 15+ years in IT Security and Information Security with strong analytical skills in mapping security controls with business processes and practices.
• Played a leading key role in implementing ISO 27001:2005 in the world’s largest automobile engineering company in 2006 for their Pune plant.
• Implemented end-to-end ISO 27001:2005 in a Software Services Company (100% EOU & Offshore development centre) in April 2012 for Pune location.
• Successfully migrated to ISO 27001:2013 in June 2015.
• Implemented ISO 27001:2013 globally (India & US) in Sep 2019.
• Implemented ISO 27701:2019 in June 2020 globally (India & US).
• Experienced in managing & delivering a variety of IT infrastructure and Information Security requirements.
• Expertise in IT Infrastructure designing, implementing ITIL processes and best practices, with supervisory skills to continually improve overall IT services.
• Proficiency in tailoring and customizing ISMS requirements, best practices and aligning them to improve overall business objectives.

Certifications:

• CISM (Certified Information Security Manager): Jun 2018 (Certificate no. 1841239)
• CISA (Certified Information Systems Auditor): Feb 2017 (Certificate no. 17136791)
• PROZM Certified SAM (Software Asset Management) Professional: Mar 2015
• GL ISO/IEC- 27001:2013 upgradation: February 2015
• BS ISO/IEC- 27001: 2005 ISMS Lead Auditor: Dec 2009
• ITIL V3 Foundation: March 2008

Register Now