Integrating DevSecOps Teams

The biggest cultural challenge facing aDevSecOps transition may be integrating existing security teams into Dev and Ops. Traditional teams understand development and operations but bringing the dept of “No” into accelerated delivery creates challenges. A practical guides based on personal experience

When working with DevSecOps, the biggest challenge may be how to integrate security into Dev and Ops functions. Traditional teams understand development and operations but bringing the department of “No” in compliance security for highly-regulated industries can be more difficult. This session discusses some experience about building the basic discussions into your teams when integrating security practices. Starts with explaining the cyber threat landscape faced by today’s businesses and then expands to suggest ways to better integrate your security team while facing modern challenges. Uses current examples of transformation from both sides to emphasize understanding. Offers a clear framework to guide the discussion between dev, sec, and ops teams to build common ground and deliver value to the customer.

Experience across multiple programs integrating security. DevOps Institute Ambassador and US Chapter lead. Author of Cashing in on Cyberpower, analyzing ten years of cyberattacks for economic effect. I’ve done this, and made it work. This talk suggests some basic standards to build common ground between security teams and DevOps.