A nuclear power plant was forced into an emergency shutdown for 48 hours after a software update was installed on a single computer. In another incident, software purchased through a vendor attacked computer controllers and brought them to a halt. The Department of Homeland Security has warned that the United States was vulnerable to more “cyber attacks” that could derail trains, poison water supplies, and cripple power grids. Incidents like these will continue to happen because companies fail to appropriately fund and develop processes to support security activities throughout product life-cycles and IT cyber architectures. This presentation focuses on the results of beta appraisals for the Security Capability.