DIGITAL ECOSYSTEMS
Taking a new approach to security can help avoid resistance and even resentment from cybersecurity teams, according to DevSecOps expert Larry Maccherone
WRITTEN BY: MARCUS LAW
Staffing issues in the cybersecurity workforce are well known. (ISC)² research estimates the size of the global cybersecurity workforce at 4.7 million people, but warns the industry faces a worldwide gap of 3.4 million cybersecurity workers.
And with reports suggesting that organisations are being too slow to patch security concerns, implementing DevSecOps can be a solution for organisations looking to tackle security issues.
As Deloitte explains, DevSecOps fundamentally transforms cyber and risk management. Short for development, security, and operations, DevSecOps automates the integration of security at every phase of the software development lifecycle, from initial design through integration, testing, deployment, and software delivery.
“The purpose and intent of DevSecOps is to build on the mindset that everyone is responsible for security with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context without sacrificing the safety required,” describes Shannon Lietz, co-author of the “DevSecOps Manifesto.”
As Larry Maccherone, DevSecOps Transformation Architect at Contrast Security, told Tech LIVE Virtual in June, taking a fundamentally different approach that creates a good sense of trust between security and development groups can actually move the needle in reducing cybersecurity risk.
“In the world of application security today, we tend to beat people up with it. We tend to not actually trust them and help them become worthy of that trust, especially the security group in relation to the development group.”