Refocusing Security in the DevOps Era: Enabling "Secure by Default"

March 12, 2018

Organizations going through digital transformation initiatives need their IT organizations to be able to accommodate an increased business tempo. "NewIT" and DevOps have helped bring this change about, but now security teams need to follow suit by modernizing their practices. Current operations are often designed for quarterly release cycles (or longer). Also, patching legacy environments places a significant burden on organizations.

Security teams should enable a "secure by default" posture. This can be achieved in two ways: by distributing more responsibilities to development and operations teams, and by embracing continuous delivery of applications on newer platforms. These new platforms should support high levels of automation and be inherently hostile to unauthorized use. Platforms can achieve this level of self-protection by seamlessly and periodically updating themselves where applicable. This maintains the environment in a known-good state and reduces the risk posed by any temporary foothold an attacker may gain.
 
Security organizations that are able to deliver results in an efficient, highly automated manner can better support the agility required by their core business and the modern threat environment.

About 451 Research

451 Research is a preeminent information technology research and advisory company. With a core focus on technology innovation and market disruption, we provide essential insight for leaders of the digital economy. More than 100 analysts and consultants deliver that insight via syndicated research, advisory services and live events to over 1,000 client organizations in North America, Europe and around the world. Founded in 2000 and headquartered in New York, 451 Research is a division of The 451 Group.

Previous
Beyond Speed: Enterprise CI/CD and DevOps
Beyond Speed: Enterprise CI/CD and DevOps

Next
Cloud Foundry shows mainstream appeal as Pivotal goes public
Cloud Foundry shows mainstream appeal as Pivotal goes public