CSO Perspectives (Pro) 6.8.20
Ep 10 | 6.8.20

DevSecOps: a first principle of cybersecurity.

Show Notes

DevSecOps is a cybersecurity first principle strategy.

DevSecOps is the future of good cybersecurity. Without DevSecOps, your entire cybersecurity first principle wall is going to crumble under the weight of its own complexity. Rick discusses the DevSecOps principle, how to integrate software developers, IT operators, and security analysts into a hybrid DevSecOps team, and how to design (and redesign) the security operations center to enable effective integration.

Cybersecurity professional development and continued education.

You will learn about: the ideal DevSecOps team, necessary skills for successful DevSecOps, rethinking the security operations center.

CyberWire is the world’s most trusted news source for cybersecurity information and situational awareness. Join the conversation with Rick Howard on LinkedIn and Twitter, and follow CyberWire on social media and join our community of security professionals: LinkedIn, Twitter, Youtube, Facebook, Instagram

Additional first principles resources for your cybersecurity program.

For more DevSecOps and cybersecurity first principles resources, check the topic essay.

Selected Reading:

  1. “10+ Deploys Per Day: Dev and Ops Cooperation at Flickr,” by John Allspaw and Paul Hammond, Velocity 09, 25 July 2009.
  2. “Cybersecurity Skills Shortage Tops Four Million,” by Phil Muncaster, Infosecurity Magazine, 7 November 2019.
  3. “Cybersecurity Talent Crunch To Create 3.5 Million Unfilled Jobs Globally By 2021,” by Steve Morgan, Cybercrime Magazine, 24 October 2019.
  4. “Keynote PuppetCon 2014: The Phoenix Project: Lessons Learned – Gene Kim, IT Revolution Press (Vimeo repost)” by Gene Kim, YouTube, 9 October 2014.
  5. “The 10 best DevOps tools for 2020,” By Anna Monus, Raygun, January 200.
  6. “The Convergence of DevOps,” by John Willis, IT Revolution Press: Helping Spark the Cambrian Explosion.
  7. “The Cybersecurity Canon: Site Reliability Engineering: How Google Runs Production Systems,” Book Review by Rick Howard, Palo Alto Networks, 26 September 2017.
  8. “The Cybersecurity Canon: The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win,” Book Review by Rick Howard, Palo Alto Networks, 21 October 2016.
  9. “The Cybersecurity Skills Gap Won't Be Solved in a Classroom,” by Marten Mickos, Forbes, 19 June 2019.
  10. “The Goal: A Process of Ongoing Improvement,” by Eliyahu M. Goldratt, and Jeff Cox, Published 1982 by North River.
  11. “The Lean Startup: How Today’s Entrepreneurs Use Continuous Innovation to Create Radically Successful Businesses,” by Eric Ries, Published January 1st 2011 by Crown Business.
  12. “The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win,” by Gene Kim, Kevin Behr, and George Spafford, Published by IT Revolution Press, 10 January 2013.
  13. “The Rise of Next Generation Security Operation Center (NG-SOC),” by Taslet, Medium, 1 December 2017.
  14. “To agility and beyond: The history—and legacy—of agile development,” by Peter Varhol, TechBeacon, 26 August 2015.
  15. “What is DevOps?” by Ernest Mueller, the agile admin, 16 January 2016.
  16. “Why Did We Need to Invent DevSecOps?” by Tom McLaughlin, Threat Stack Blog, 1 June 2016.