Derek Fisher is a seasoned cybersecurity leader, educator, and author with decades of experience in engineering, secure software development, and enterprise security strategy. He serves as a professor and program director in higher education, where he mentors the next generation of cybersecurity professionals and leads curriculum development in cyber defense and secure software lifecycle practices.

His work spans hands‑on security architecture, secure SDLC, threat modeling, product security leadership, and organizational risk management. Derek is widely recognized for his ability to translate complex security concepts into practical, real‑world guidance for engineers, developers, and security practitioners.

Professional Credentials

CISSP – Certified Information Systems Security Professional

CSSLP – Certified Secure Software Lifecycle Professional

AWS Certified (Cloud Expertise)

Teaching & Subject Expertise

Derek specializes in making security accessible, actionable, and aligned with modern engineering practices. His teaching areas include:

Core Domains

Security & Risk Management

Secure Software Development (SSDLC)

Application Security & Threat Modeling

Cloud Security (AWS)

Identity & Access Management

Network & Infrastructure Security

Governance, Compliance & Policy‑as‑Code

Publications & Thought Leadership

Derek is the author of several respected works in application security, including The Application Security Program Handbook, Threat Modeling Best Practices, and a children's book series on cybersecurity called Alicia Connected. He contributes regularly to publications on topics such as AI in cybersecurity, secure SDLC, and critical infrastructure threat modeling.

Teaching Philosophy

Derek believes that the strongest security programs are built through:

Clear communication

Practical, hands‑on learning

Empowering learners to think critically rather than memorize

His courses blend real‑world case studies, architectural patterns, and exam‑ready frameworks to help students build both competence and confidence.

Ideal Learners

Derek’s courses are designed for:

Aspiring cybersecurity professionals

Software engineers transitioning into security

Security analysts preparing for CISSP or CSSLP

Product security and DevSecOps practitioners

Technical leaders seeking to strengthen organizational security posture