Chris John Riley
Staff Security Engineer, Information Security Engineering
Chris leads Google's Minimum Viable Secure Product (MVSP) efforts, and is part of Google
security teams efforts to help the world secure their software. Previously Chris was responsible
for leading vendor security assessment efforts and worked on the security of 3P security
integrations. Before joining Google, Chris was an IT security consultant who specialized in
security testing and research in the financial services sector across the United Kingdom,
Germany, and Austria.
Sessions
The 2022 Verizon Data Breach Investigations Report showed that 62% of system intrusion incidents came through a partner. To address this challenge, organisations across the industry have come together to design Minimum Viable Secure Product (MVSP) – a vendor-neutral security baseline that is designed to eliminate overhead, complexity and confusion during the procurement, RFP and vendor security assessment process by establishing minimum acceptable security baselines for enterprise B2B solutions.
In this presentation, we will talk about how Google uses MVSP, and the goals of the MVSP program to raise the minimum bar for enterprise software and services at scale.