Join Richard Hollis - CEO of Risk Crew for this interactive discussion.

Watch the video



There are two key facts to understanding today’s threat landscape: First, 84% of all cyber-attacks occur at the application level. Second, the Open Web Application Security Project® (OWASP) list of the top 10 (application security vulnerabilities) has not changed by more than 30% in the last 15 years. Simply stated, year after year, breaches continue to rise because we neglect to incorporate security into the development of our applications.

Development, Security, & Operations (DevSecOps) is the practice of implementing best security practices early and throughout the application’s development life cycle. It should involve practices like segmenting developers, scanning repositories for security vulnerabilities, conducting continuous monitoring, static code analysis and secure code reviews. Unfortunately, very few organisations have the tools, expertise or resources to implement these best practices and the market rewards speed over security. At best, we subject these insecure applications to boilerplate security penetration tests that do not address design and deployment-specific vulnerabilities and attack surfaces.

About the speaker

Richard Hollis

Richard Hollis is the Chief Executive Officer for Risk Crew Limited a unique London-based information security governance, risk, and compliance (GRC) management consulting firm specialising in providing creative, cost-effective, independent cyber risk management and security awareness training solutions. Richard possesses over 25 years of “hands on” skills and experience in designing, implementing, managing, testing and auditing enterprise level information security programmes.

Our events are for adults aged 16 years and over.

BCS is a membership organisation. If you enjoy this event, please consider joining BCS. You’ll be very welcome. You’ll receive access to many exclusive career development tools, an introduction to a thriving professional community and also help us Make IT Good For Society. Join BCS today

For overseas delegates who wish to attend the event, please note that BCS does not issue invitation letters.


BCS is following government guidelines and we would ask attendees to continue to also follow these guidelines. Please go to for more information, advice, and instructions.

This event is brought to you by: London Central branch, London South branch and London North branch

Webinar: No DevSecOps? Plan B: Risk-Driven Application Testing
Date and time
Tuesday 4 April, 6:30pm - 7:30pm

This event is sold out