Marco Mirko Morana

Marco Mirko Morana

My career in cyber-security spans more than 20 years working in different roles and industry sectors. As a author, besides co-authoring the book on risk centric threat modelling I wrote a book on application security risk management for CISOs and several white papers covering application and software security topics.

Application Security For CISOs

Date:

This document provides an overview of a presentation by Marco Morana from OWASP on developing an OWASP Application Security Guide for Chief Information Security Officers (CISOs). The presentation covers the need for such a guide given the evolving roles and responsibilities of CISOs. It outlines the guide’s structure and contents to provide CISOs with strategic guidance on application security processes, metrics, and technology selection. A four step project plan is also presented for creating the guide based on input from the security community and CISO surveys. You can download the presentation slides from here The OWASP CISO guide can be downloaded from here The OWASP CISO guide printed book can be downloaded from here The OWASP CISO guide presentation on YouTube can be watched from here and also from here The OWASP CISO guide podcast can be listened to from here