Wendy Nather from 451 Research is one of my favorite people to listen to when it comes to application security. She always has some pithy quote or insight that makes me stop and think. In this “50 in 50″ interview, in addition to general trends in application security, she introduces me to the idea of the “security poverty line“.
Listen to the Interview: Wendy Nather Interview – Trends in Application Security
Wendy defines the security poverty line as:
“Companies under the security poverty line, those are the ones that are just not capable of fixing any of the software themselves; either it’s not theirs and they are reliant on third parties who may or may not fix it, but also if they have any infrastructure, it has so much inertia and they have so little expertise that they just don’t know where to start to remediate.” - Wendy Nather
In our talk, we hit on a variety of security topics, including companies within the open source security industry that you might find of interest:
- 00:00 Introduction to Wendy Nather
- 00:49 What security companies does she find interesting
- 07:55 Trends within the next six months to a year
- 10:30 What is Wendy working on next
- 12:47 Prevalence of security issues
Bio: Wendy Nather
Wendy Nather is Research Director, Security, within 451 Research‘s Enterprise Security Program, providing analysis on the current state of security from the perspective of a veteran CISO. Wendy’s primary areas of coverage are application security, identity and access management, threat intelligence, and security services.
Wendy joined 451 Research after five years building and managing all aspects of the IT security program at the Texas Education Agency, which serves 4.6 million Texas students. In that position, she directed multimillion-dollar initiatives for a statewide external user base of over 50,000. She also provided security guidance for the datacenter consolidation of 27 Texas state agencies.
Wendy previously worked in various roles in the investment banking division of Swiss Bank Corp (now UBS), including helping to build Europe’s then-largest private trading floor. Based in Chicago, Zurich and London, she also served as the first IT Security Director for the EMEA region, managing the security aspects of various mergers, IT operations outsourcing and the division’s first Internet presence. Wendy is coauthor of the book The Cloud Security Rules, and was named one of Tripwire’s “Top 25 Influencers in Security You Should Be Following.”
Wendy is based in Austin, Texas. You can follow her on Twitter at @451Wendy.