Companies that develop software but don't bake security in during development do so at their own peril, says Intrust's Dave Hatter in a recent TechTarget article.
Moving from DevOps to DevSecOps is going to require fundamental shifts in both thinking and operations. Some finesse is required to help developers and security practitioners work well together, Hatter said.
"As an application developer, I usually saw the security team as a giant impediment slowing me down, reducing my productivity and coming up with -- what seemed to me at the time -- ridiculous controls," Hatter said in the article.
DevSecOps Struggle Is Real
The article points to challenges DevSecOps face, including collaboration, role definition and the lack of skilled workers in this field.
But, Hatter is optimistic. "There is enormous opportunity here to see huge productivity gains, as well as massive improvements in the security and quality of code," he said.
Read the entire TechTarget article on DevSecOps here.
"14 Non-Technical Things You Can Do Today to Protect Your Business from Cyber Crime"
Here's what you'll learn:
- Why your employees are your weakest link and what to do about it
- Easy ideas for keeping passwords secure
- How to tell if your cyber insurance policy is worthless