Information security continues to be an important topic for any enterprise. However, it is more than just the CISO’s problem. If you’re building software, either for internal IT projects or as products, you must be part of the solution. As an executive, you’re likely not steeped in the day to day tasks of your engineering team – how do you know your teams are doing the right thing and get what you expect? This talk will discuss the high level challenges of software security and explore techniques to get your teams thinking the right way about the problem.