Securing Software for Healthy, Energy-Efficient Smart BuildingsMarch 10, 2023 Tweet
Jason Christman, Vice President and CPSO of Johnson Controls, Inc., talks about the value of shifting left in design and development while continuously innovating smart building technologies.
Johnson Controls’ suite of connected solutions called OpenBlue includes tailored, AI-infused service solutions such as remote diagnostics, predictive maintenance, compliance monitoring, and advanced risk assessments for building environments.
“Today what’s so critical about smart buildings is that the technologies that used to be isolated are coming together to provide new value to customers, whether a hospital, school, airport,” says Jason Christman, VP and chief product security officer at Johnson Controls. He adds that customers “are looking for energy efficiency, sustainability and now with the pandemic they’re looking for healthy indoor air quality.”
Implementing these capabilities calls for a convergence of information technology and operations technology systems, and Johnson Controls is bringing those together in a smart way with artificial intelligence and strong cybersecurity and compliance controls.
Christman describes Johnson Controls as a manufacturer, integrator, and service provider to the market, which focuses on setting a “north star” to tie security principals to clients’ business strategy.
In this interview, he reveals how Johnson Controls deploys DevSecOps across the CI/CD lifecycle, which is mapped out and automated as much as possible—from threat modeling and scanning of code, to testing, attestation and SBOMs, along with ongoing vulnerability management and other critical controls.
Tune into this video interview and learn how Christman’s organization is structured for success as it manages these competing priorities across multiple business units under centralized governance using decentralized execution to support agility and speed-to-market.
Click here for more information on Johnson Controls, Inc.’s approach to securing products and managing risk.
Objectives and Key Results resource that Jason Christman follows to align cybersecurity with business product strategy and to measure results.
GrammaTech resource for secure coding software certification.
Read about GrammaTech's Product Security Executive (PSE) of the Year Award program.
Interview with Johnson Controls' Jason Christman, CPSO