Partner Article
Global Expansion of BSIMM Accelerates in South America
New Project in Argentina to Gather Data for BSIMM: Industry’s first Software Security Measurement Tool Based on Real-World Data
London, UK – June 26th — Cigital, Inc. today announced another milestone in the Building Security In Maturity Model (BSIMM), the industry’s first software security measurement tool built on real-world data. Argentina’s Fundación Dr. Manuel Sadosky - a leading institution whose goal is to promote stronger and closer interaction between Industry and the wider scientific-technology community - will conduct research to provide the first set of BSIMM measurements in Latin America. BSIMM is a framework which helps organizations to understand, measure and plan their software security initiatives based on in-depth measurement of leading enterprises in a number of verticals. The fifth major release of BSIMM, in October 2013, describes the software security initiatives of 67 organizations and, since its launch, has been downloaded more than 7,000 times.
Iván Arce, Director of the Security in ICT program at Fundación Dr. Manuel Sadosky, will lead the project to measure the software security initiatives of twelve organizations in Argentina where software development is critical to the organization’s business, using the BSIMM framework. The project will be conducted in conjunction with the Santa Fe Regional School of the National Technological University (UTN-FRSF).
According to Iván Arce, “BSIMM is a great tool to model an organization’s overall maturity towards software security because it is based on real, measured data. Its use of a Creative Commons license is a big advantage too. We translated BSIMM to Spanish, adapted it to local context and tested its applicability in a pilot project with 5 organizations in 2013. The results gave us confidence to conduct the first 12 BSIMM measurements of Latin America in Argentina during 2014.”
The latest project marks a further milestone in the BSIMM evolution and will add new organisations to the growing, global BSIMM community. In Europe, BSIMM recently expanded the data set with BSIMM Europe, the study of 17 large-scale European software security initiatives, to provide hard data on the security approaches of leading organisations in the region. Originally launched in 2008, the BSIMM data set has grown more than 75 percent since the fourth release in 2012 and now encompasses eighteen times the measurement data of the original study, bringing the total activity count to 112.
Caroline Wong, Director of Security Initiatives at Cigital, comments: “One of the real strengths of the BSIMM model is that it’s not a static tool. The security landscape is changing quickly and organisations need to be quick to respond to these new threats and attacks at the software layer. As the BSIMM data set is regularly updated it provides real insight into what other organisations in your sector are doing now so that you can strengthen your own software security initiatives, accordingly. With BSIMM, organisations industry-wide can leverage the many years of experience which are captured in the model.”
Notes for Editors:
About BSIMM
The Building Security in Maturity Model (BSIMM) is a critical tool for measuring and evaluating how well real firms build secure software. A data-driven model and measurement tool developed through the careful study and analysis of software security initiatives, BSIMM includes real-world data from nearly 70 organizations with active software security initiatives. The model includes a framework based on successful software security practices, and can help an organization objectively assess its own security investments, both present and future. For more information, please visit http://bsimm.com/.
About Cigital
Cigital, Inc. is the world’s leading software security services and solutions company. Cigital helps public and private organizations launch and mature software security initiatives, as well as design, build, test, and maintain secure software through a combination of expert consultants, innovative technologies, and effective training built on over twenty years of cutting-edge research and successful client engagements. Cigital is headquartered outside Washington, D.C. with regional offices throughout North America, Europe, and Southeast Asia. For more information visit: http://www.cigital.com.
About Fundación Dr. Manuel Sadosky
The Manuel Sadosky Foundation is a mixed (public / private) institution whose goal is to promote stronger and closer interaction between Industry and the scientific-technological system, in all aspects related to Information and Communications Technology (ICT). The Foundation was formally created by Presidential Decree # 678 in 2009. Its Chairman is the Minister of Science, Technology, and Productive Innovation of Argentina, and the Vice-chairmen are the chairmen of the country’s most important ICT chambers: The Software and Computer Services Chamber (CESSI) and the Argentine Computing and Telecommunications Chamber (CICOMRA). For more information visit: https://www.fundacionsadosky.org.ar
This was posted in Bdaily's Members' News section by PJO.