Dev(Sec)Ops: Moving Cybersecurity and Audit Defense Left in the SDLC

Tuesday, May 8
10:30 AM - 11:05 AM
Location: Theater

Two USPTO employees, Simmons Lough and Ben Spainhour, discuss how they helped build security into the system lifecycle using DevOps, all while maintaining compliance with key federal government requirements.

Simmons Lough

Software Architect
USPTO

Simmons Lough is a software architect committed to transforming the way the federal government builds, maintains, and delivers software solutions. He earned his stripes during the start-up movement of the early 2000s. During that time, his lean teams lacked the resources to hire specialists, so they worked together to produce high quality code with speed and accuracy. The secret to their success: collaboration, automation, and data. In other words, DevOps.

At the United States Patent and Trademark Office (USPTO), Simmons is now helping the Office of Finance Management Systems move towards a similar culture of speedy and collaborative development. The USPTO exists to “promote the Progress of Science and useful Arts.[i]” DevOps culture is the perfect blend of progressive science and useful art, making the USPTO a fitting agency for a DevOps pilot.

Simmons’ core project at the USPTO, Fee Processing Next Generation (FPNG), collects all of the 3+ billion dollars in annual revenue that keeps the agency running. In partnership with the OCIO, the FPNG team is embracing DevOps as a key component of its IT modernization approach. The scope is focused, but powerful, and demonstrates how the federal government can give Silicon Valley a run for its money. FPNG offers a template that other federal agencies can use to improve and transform their software development processes.

Presentation(s):

Send Email for Simmons Lough

Ben Spainhour

ISSO
USPTO

Ben Spainhour is a Cybersecurity practitioner with experience in risk management, audit defense, application security, and federal compliance at multiple government agencies. At the United States Patent and Trademark Office (USPTO) he is an Information System Security Officer (ISSO) in the Office of Finance Management Systems supporting Fee Processing Next Generation (FPNG), which collects all of the 3+ billion dollars in annual revenue that keeps the agency running. In partnership with the OCIO, the FPNG team is embracing DevOps as a key component of its IT modernization approach while maintaing compliance with the wide gamut of federal and industry standards that govern financial systems. FPNG offers a template that other federal agencies can use to improve and transform their software development and security processes.

Presentation(s):

Send Email for Ben Spainhour


Assets

Dev(Sec)Ops: Moving Cybersecurity and Audit Defense Left in the SDLC



Attendees who have favorited this

Please enter your access key

The asset you are trying to access is locked. Please enter your access key to unlock.

Send Email for Dev(Sec)Ops: Moving Cybersecurity and Audit Defense Left in the SDLC