Ashit is the Co-founder and Laboratory Director of Acumen Security. Acumen provides consulting and evaluation services in the security certifications arena with offices in US and India. Before co-founding Acumen, Ashit led the FIPS and CC certification team at Cisco Systems, Inc. Ashit was responsible for enabling and protecting $2 billion in annual revenue. While at Cisco, Ashit instrumented changes to increase efficiency and certify more intelligently. Ashit’s experience spans the gamut of IA and IA enabled products such as Routers, Switches, Firewalls, Data Center products, smart cards, and software applications.
Ashit’s areas of expertise include FIPS 140-2, Common Criteria, International crypto certification requirements, cryptography, and networking. He holds a Masters of Science degree from the University of Southern California (USC) and a Bachelors in Telecommunications Engineering from the University of Mumbai (India).
Product Certifications: The Trojan Horse for an Effective SDL Program
A strong product security program is foundational for anyone who builds products for customers. In the mind of the customer today, security is non-negotiable. However spending capex and resources to build a SDL program is difficult strategic choice for lot of companies. This is where product certifications can help. Typically there is a solid business case around pursuing certifications such as Common Criteria, FIPS 140-2 etc. But most companies approach certifications in a tactical manner to meet the procurement check-box. If certifications are leveraged to meet the larger goal of a higher security baseline; it is possible to build a SDL business case while increasing efficiencies and reducing costs.
Come and learn how to connect your product security program with certifications to ensure that your products are as secure as possible before shipping to customers.