Introduction to Secure Software Development and GDPR

Pærer - en der lyser.jpg

Learn. Understand. Get inspired.


This one-day introduction course covers:

  • The principles of GDPR with a particular focus on "Data Protection by Design"
  • Introduction to secure development best practices and standards including practical examples such as the OWASP
  • Real-life demonstration of popular hacker techniques used to exploit software vulnerabilities
  • Practical exercise where the students will identify and correct software vulnerabilities based on real-life examples

This course is intended for system developers, software architects and IT operations staff wanting understand the importance of secure development and looking for an introduction as to how secure development can be achieved in their daily work.

Participants should have basic understanding of application Development and IT infrastructure.

After the course, the student will be able to:

  • Understand the importance of and core principles behind GDPR, especially in relation to "Data Protection by Design"
  • Identify security risks within software development


A one day course for software developers, software architects and IT-operations staff.

The General Data Protection Regulation (GDPR) sets new standards for the physical processing of data (where and how) and for the data controller's obligations to manage the data processing. But GDPR also impacts companies' and organizations' software development life cycles and corresponding IT-development processes and increases the need to introduce secure software development.

This course explains the fundamentals of secure development and how development teams can build and deliver secure software. We will go through the principles behind secure software development and connect these to the principle of “Data Protection by Design” in GDPR.

This course is headed up by Stefan Benediktsson and Rasmus Theede, including visiting guest speakers.

Stefan Benediktsson has worked in the IT field since the late 1980s when he started his career as a software developer in the airline business. His background as a software engineer gives him the foundation and knowledge to analyse and find solutions to a given problem. Stefan has been working as an IT consultant in a wide range of market areas and has a deep knowledge and experience of the different business segments’ needs and demands. As an advisor, Stefan has helped customers design their infrastructure to meet their high demands. He also has a long experience in design, implementation, education and operation.

Rasmus Theede has headed up IT and information security functions in large European enterprises for more than 20 years. He recently held a position as Director of Technology in the IT association DigitalEurope in Brussels working as an advisor to the EU Commission on critical legislation such as GDPR and the EU Cyber Security Strategy. 

Rasmus is a member of several governmental and private information security councils and has served several years as a chairman of the board of the Danish Council for Digital Security. He holds an executive MBA, a Master of Technology, a degree in Advanced Computer Studies and is certified CISSP, CISA, CISM and CRISK.

All our tutors and guest speakers have at least 10 years of practical experience with cyber security challenges.

The course is being organized in other European countries on a frequent basis. Contact us here for more information about courses in your area - or for general inquiries on the course.