by Lynette Hornung, Senior Privacy and Security Architect Manager 

In Fall 2015, I was invited to speak at COSAC, an international enterprise security architecture conference attended by a diverse group of IT security professionals working in a variety of industries. Presentations are interactive and provide a unique learning experience from many intelligent, experienced professionals who share a broad depth of knowledge and passion for IT. Along with a professional colleague, I presented on the topic of Coding as the New Literacy. This was an interactive session that discussed the power of literacy with coding, explored the history of literacy, and then looked at coding as a new form of literacy. The session explored the following questions:

• What are the implications of the power to code?
• What types of safeguards are in place to check the power of the coders?
• Are coders taught to understand the need to protect data from a security and privacy / data protection standpoint?
• Even if coders understand this importance, what is their employer’s operational practice in an environment that focuses on turning out new applications as quickly as possible?
• Do security requirements and privacy requirements get compromised, if not sacrificed?

At the end of the session, we had some key takeaways–mainly that it is not enough to simply have good coders. Instead, good coders must also possess computational thinking, which involves understanding business needs and how to design programs to address these needs. Coders need a holistic approach to also understand privacy and security implications, and managers should balance their reliance on coders to account for business needs.
For more information on COSAC, you can visit http://www.cosac.net/about.html and learn about this year’s program. If you have any questions or would like to get involved in COSAC, feel free to reach out to me!