PREDI C TI VE I NTEL L I GE NC E
Securing
DevOps:
Why culture is key to driving
company-wide success
DevOps projects are undoubtedly driving business
benefits and growth across the region – but it’s crucial
that security is given due consideration from the outset.
Bharat Mistry, Principal Security Strategist at Trend Micro,
explores the key challenges businesses face when it comes to
implementing DevOps initiatives from a security standpoint and
offers his insight into how organisations can create a cultural shift
to a ‘security-by-design’ approach.
D
evOps is the new
engine for global
business growth.
All over the planet,
organisations are
becoming more
responsive to
changing market demands thanks to the
roll-out of agile, automated development
processes. Yet there are challenges.
Cybersecurity remains the number one
barrier to effective implementation of
projects. According to a global Trend
Micro poll, an overwhelming 94% of
IT leaders claimed that implementing
DevOps initiatives would cause major
security concerns.
In many cases, the answer lies not
just in equipping IT security teams
with the right resources, but in the
www.intelligentciso.com
|
Issue 17
much harder task of driving cultural
change throughout the organisation.
That’s the only way to overcome key
challenges including IT siloes and lack
of ownership, to drive lasting success.
DevOps. Yet in getting there, they are
also concerned about the potential for
DevOps to expose them to a greater risk
of cyberattacks and breaches.
DevOps is everywhere. Our research
revealed that more than a third (37%)
of global organisations have already
implemented projects and a further 44%
are currently doing so. Most (79%) said
that DevOps is a bigger priority than it
was a year ago. Why is this happening? Part of the security challenges presented
by DevOps lie in the new IT architectures
being used and the overwhelming
need for speed. These development
practices have ushered in a new era
of horizontal microservices. Potentially
updated several times each day, they are
a long way from the monolithic, vertical
applications of old which were changed
at most on a monthly basis.
Because of the rewards on offer:
everything from enhanced process
efficiencies to accelerated speed of
deployment. Ironically, those we spoke to
also pointed to IT security improvements
as a major business benefit from Securing such a fast-changing, fluid
environment can be tricky – especially
if security is still viewed as reactive,
perimeter-focused, slow and manually
driven. Often the speed-to-market
imperative means developers take
Taking over the world
33