ShieldX has assembled a set of guides for CISOs to help understand and deal with today’s security challenges. They are designed to be ready quickly with a check list approach to help CISOs—and their teams—become more effective. Next up? CISO’s Guide to DevOps: Learning to Cooperate with DevOps and Living to Tell the Tale. (No registration required).
In this guide, we explore how the DevOps paradigm presents a major dilemma to Chief Information Security Officers (CISOs) and their security teams. DevOps requires agility and, in fact, most areas of IT have become agile by automating in areas like service orchestration and continuous deployment. The problem? The rate of change in security is slow and many IT security processes are still manual. For example, before deploying a new application, a security team may require weeks to analyze new architectures and create, test and deploy new security controls. This inhibits technical and business innovation.