How to Overcome the Three Obstructions in a DevOps Environment?
Since the inception of DevOps, it has been addressed as one of the most debated subjects in IT circles. Some consider it a marketing fad, while others believe that it is here to transform the business sector. DevOps has evolved from a methodology that brings together the developers and operations team together into a strategy for processing an entire business into a single operational entity. However, there is an ongoing war amid the software developers and security teams.
But DevOps is helping to break the barriers amid the software developers and security teams and introduces new challenges for security teams. So, below listed are three hurdles that security teams would need to overcome in order to integrate and enable DevOps.
1. Increase in Pace: DevOps offers an entirely new pace of development, which the security personnel must consider seriously. Historically, these DevOps cycles were months long, but now this shift is as short as weeks or days. As a result, a refactored security solution and toolsets are required for a continuous delivery flow which must be easy to integrate and maintain. Additional features like real-time vulnerability alerts and state-of-the-art threat modeling are needed.
2. Removal of Barriers: The success of DevOps highly depends upon the breakdown of data silos to facilitate cross-functional and collaborative teams. To achieve an accurate and effective DevSecOps, security, development, and operations must work cohesively in pursuit of a shared goal. Moreover, the position of security teams must shift from roadblock to consultant, guiding developers to fix bad code.
3. Advanced Skills: For security technology to be integrated correctly into the dev process and support a desired level of agility, security teams are often asked to learn new skills, including API and coding.
These three points are essential, and security teams must consider these to evaluate their security programs and also propose program shifts that support the growth and success of DevOps. At last, security teams must look at DevOps through the same lens as customer-facing web application by forming a set of standards and best practices; a switch to DevOps can then reap significant rewards for an organization.
Analyzing the Influence of DevOps on IT
By Tom Farrah, CIO & SVP, Dr Pepper Snapple Group
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Phil Jordan, CIO, Telefonica
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Dennis Hodges, CIO, Inteva Products
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sven Gerjets, SVP-IT, DIRECTV
By Marie Blake, EVP & CCO, BankUnited
By Lowell Gilvin, Chief Process Officer, Jabil
By Walter Carvalho, VP & Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Marc Jones, Distinguished Engineer, IBM Cloud Infrastructure