Security + DevOps: How to Get it Right? Hear from Industry Expert on the Next #c9d9
Written by: Electric Bee
1 min read
The pervasiveness of software is driving the dynamics of business transactions everywhere. We live in a time of a highly competitive and truly global economy where the question being answered among businesses now is n “who can innovate the fastest?”
To keep pace with the increasing velocity of software updated being introduced to the market, enterprises embrace DevOps and Continuous Delivery practices, along with implementing a fully-automated software delivery process, in order to keep up with the demand to go faster. .
But DevOps and the automation of build, test and deployment processes also shine a light on another ever-present and evolving business factor – security and compliance.
James DeLuccia, author of IT Compliance and Controls: Best Practices for Implementation - and a panelist on the upcoming #c9d9 next week on Security and Compliance in DevOps - wrote a great article in the WSJ about how this IT transformation paradigm is affecting the financial services industry specifically and the how audit and compliance function s evolves as a result.
Information Security (InfoSec) and compliance are critical to businesses across the globe, especially given past examples of data breaches and looming cybersecurity threats. As a result, InfoSec has initially looked at DevOps – and the ability to “go fast” - as a risk to security controls, and ensuring compliance and auditability.
However, we increasingly see InfoSec teams embracing DevOps as the practice that enables – and enforces – security and compliance requirements. Enterprises that have taken the “DevOps plunge” have shown – consistently – that automation, improved visibility, collaboration, consistent release practices, and other DevOps practices actually mitigate potential security problems, discover issues faster and address threats more quickly, while maintaining high velocity and fast time-to-market on the side of the business.
Want to learn more about this topic and join the conversation? Join James DeLuccia , Jonathan McAllister (author of Mastering Jenkins , automator and business consultant), Nikhil Vaze and me on Tuesday, November 24 - as Continuous Discussions (#c9d9) discusses the best practices for enforcing security and ensuring compliance and auditability as part of your DevOps processes .
Hope to see you there!
This episode features:
Add the event to your calendar »
Continuous Discussions (#c9d9) is a bi-weekly series. See all episodes here .
Next week on #c9d9: Security and Compliance as part of your DevOps processes
This episode features:
James DeLuccia IV
Technologist, Author, Security Evangelist, Risk Manager, Entreprenuer, and Runner. James is the Author of IT Compliance and Controls: Best Practices for Implementation and How Not To Be Hacked: The Definitive Guide for Regular People
@JDeLuccia | pcidss.wordpress.com
Jonathan McAllister
Jonathan has been creating automation software since he was a child. Professionally he leverages 10+ years of experience in software development, test, and delivery practices. He is an author, automator and business consultant.
@jmcallister80 | www.masteringjenkins.com/
Nikhil Vaze
Staff Software Engineer at CloudBees. He is a full stack engineer and loves to hack on things. Nikhil holds a Master of Science in Security Informatics.
@therealnikhil | https://electric-cloud.com/blog/author/nvaze/
Continuous Discussions (#c9d9) is a bi-weekly series. See all episodes here .
Stay up to date
We'll never share your email address and you can opt out at any time, we promise.