Director and Distinguished Digital & Cyber Technologist Booz Allen Hamilton Reston, Virginia, United States
DevOps has necessarily matured into DevSecOps, but there is a significant focus disparity with the Sec element. As the ‘middle child’ Sec is often over-looked and under-resourced. DevSecOps is a holistic approach and only achieves full performance potential when all elements are working in harmony- this can only be achieved if the elements are generally in balance. Typically, attention and resources are only reactively provided to the Sec element and are withdrawn after the issue passes. There are processes and techniques that have been proven to raise the Sec element awareness and result in long-term stable attention and resources, resulting in the Sec element being able to make greater and broader impacts, and in improved overall DevSecOps team efficiency.
Learning Objectives:
Understand how to evaluate whether your organization properly and equally resources Dev, Sec, and Ops elements
Recognize the processes and procedures that have been proven to help achieve balance between the elements and how they can be tailored and deployed within different organization types
Appreciate the quantifiable operational, technical, and programmatic factors that empower cybersecurity to maintain a consistent and sufficient cybersecurity posture and broad DevSecOps efficiency
