Culture and Organization -> Education and Guidance: Regular security training of security champions
Risk and Opportunity
Risk: Understanding security is hard, even for security champions.
Opportunity: Regular security training of security champions.
- Process Documentation: TODO
- Training Content: TOODO
Dependencies: Each team has a security champion
- OWASP Cheatsheet Series, Link, Tags: secure coding
Usefulness and Requirements of this Activity
Usefullness: Very High
Required knowledge: High (two disciplines)
Required time: Low
Required resources (systems): Low
OWASP SAMM VERSION 2
- security champions are missing in ISO 27001