User day

Stacking Frameworks


Dag Flachet



Codific, Geneva Business School
CEO, Co-Founder, Professor

Abstract

In the last year, a lot of organizations have started talking about “stacking frameworks”. By this term we mean using different frameworks at the different layers of the organization. A common stack, for example, is NIST CSF at the corporate level, OWASP SAMM at the business unit level and DSOMM at the dev team level. The purpose of this interactive conversation is to share experiences and have an open discussion about what go-to stacks could look like, and whether scoring (using OpenCRE) should map up, down, both or not at all.

Speaker bio

Dag Flachet holds a doctorate in business administration, specialized in organizational psychology. He is a co-founder of Codific, and a professor and board member at the Geneva Business School. In his role he is in conversation with 35 enterprises that roll out OWASP SAMM at their organizations.