Secure by design: a proactive approach to open source health and security
1:35 PM - 2:15 PM EST
In this session two of CISA’s leading security experts will share more about the industry-wide effort they are leading to make security a core business requirement in products versus an aftermarket technical feature. They’ll share historical analogies of where this design-first approach has had real impact in other industries, and they’ll cover how they are working directly with industry leaders and the open source community to proactively improve practices in ways that will lead to the security outcomes we need.
About Jack Cable
Jack Cable is a Senior Technical Advisor at CISA, where he helps lead the agency's work on open source software security and Secure by Design. At CISA, Jack authored CISA's Open Source Software Security Roadmap and has co-led community efforts to standardize the security of package repositories. Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. There, Jack was the principal author of the Securing Open Source Software Act. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon’s Defense Digital Service. Jack holds a bachelor’s degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.