This is often the first program that any programmer learns. It is also a great way to break the ice. I am John Allison, and I recently joined Checkmarx to further improve our market presence within public sector, and I couldn’t be more excited.
My journey in the public sector started over 30 years ago (yes, I’m that old). I joined the US Air Force, and entered the world of Department of Defense (DoD) acquisition. I spent about twenty years purchasing stuff, everything from aircraft engines to critical command and control software. I also spent four years as an intelligence analyst focusing on world wide cyberthreats, along with other threats, that fall within the umbrella of Information Operations. If you think buying commercial software is frustrating, I dare you to buy critical software for the DoD where one mistake can cost lives. It puts a whole new meaning to both software quality and software security.
After serving for 24 years, I retired in 2015. I re-entered the work place, after a brief two-month retirement.
Unknown to me at the time, I starting my journey specializing in developing, and bringing to market, regulated cloud offerings. I started at a large enterprise company and got the chance to build a data center and to bring to market a DoD cloud offering. After that I was recruited by a start-up company as their first public sector hire. I created their FedRAMP program and helped them through their first audit. I then joined another startup to do much the same and did. I brought them through the big audit and nearly to the authorization when Checkmarx came knocking.
I jumped at the opportunity Checkmarx offered me, because of what Checkmarx brings to the table.
As I said before, I had purchased software for the Air Force and had taxpayer’s dollars doing so. What frustrated me the most was the quality of the software delivered. If we wanted the contractor to fix the software, we had to pay even more. Often we didn’t learn about the software security issues until after the software was delivered. It would have been a game changer to have CxOne at that time. Just the idea of continuously able to monitor software security issues during development would have radically changed how we could hold contractors accountable to specific security standards, up to and including delaying payment until the software was in an acceptable state.
Why am I here at Checkmarx? I am here because I firmly believe that Checkmarx is at the core of improving the software that impacts every US citizen. Our government runs on software, and much of it is developed just for the Government. Application security for those applications is my security. It protects my data, and my fellow citizens data. I was fortunate to join Checkmarx because not only do they have a robust existing business with the Government and multiple Government software providers, but they also have executed on a cloud-centric vision that is perfectly aligned with the Government’s National Cybersecurity Strategy.
Finally, why am I blogging today. Well, I’ve decided to bring you along on my journey into the world of public sector within Checkmarx. To give you a behind the scenes thinking as we continue to evolve with the Government as application security become more important in the public sector. I have several other blog posts lined up to address how Checkmarx fits into the public sector strategy, not only for the government itself, but for all software companies producing or selling software to the government. In addition, as we meet certain milestones on our journey, I’ll share with you those accomplishments.
I want to thank you for reading all the way down to the end. If you have any questions on Checkmarx and public sector, please reach out to me and I’ll do my best to answer. There is a lot of work ahead and I’m excited to get started.