Security practitioners struggle with the predicament: How do I get the engineering teams to wake up and start taking software security seriously? Rapid, dramatic change is most quickly achieved via a crisis. This session will share some lessons on how to prepare for a crisis and what to do once it arrives to ensure you leave your software security program in a stronger position once it’s all over.