Story image

How cybersecurity will evolve to become part of DevOps

14 Feb 18

DevOps has been breaking down business siloes and improving efficiency, but it’s time those principles were brought to cybersecurity initiatives, according to Palo Alto Networks.

DevOps relies on the idea that teams should automate the tasks involved in deploying, securing, maintaining, and phasing out the processes that IT and security teams have done manually in the past. This lets DevOps teams to deliver applications and support services faster. 

DevSecOps is about making security principles integral to the DevOps process. According to Sean Duca, Palo Alto Networks VP and regional chief security officer for Asia Pacific, DevSecOps provides opportunity for organisations that are migrating to the cloud.

“Developers are writing new code anyway; they should completely rethink and modernise their approach. Developers should no longer be deploying code and installing fixes the way they did when the internet was young,” Duca says.

“They need a new approach that seamlessly integrates developers, the operational team, and the security team. It’s not just about building an app in the cloud, it’s about building security in from the very beginning.”

Organistions that include information security as part of their existing DevOps ideology may be able to build more sustainable and effective security teams – all team members could even be viewed as site reliability engineers (SREs).

“To maximise the efficiency, effectiveness, and security of the organisation’s overall operations, businesses need to eliminate separate teams for development, operations, and information security. Instead, they need tighter integration among all these teams, often held together by the SRE,” Duca explains.

“The SRE combines the skills of developers responsible for writing applications with the skills operations engineers use to deploy those applications. SREs help scale operations through automation. Organisations that embrace this role and the DevSecOps model will outperform their competitors that don’t.”

Palo Alto believes this approach is important while businesses transfer workloads to the cloud. Organisations that understand they are responsible for their own data in the cloud will be more likely to drive adoption of the DevSecOps model.

This is because they will move through three stages of cloud security: click (adding security when servers are added); command (scripting); and committing to changes as part of codes. 

“Security should natively work within the code. Businesses should understand the risks they face and the ways their network could be brought down, then integrate security into every single application,” Duca says.

“DevSecOps is the best approach to give organisations the five key requirements for success: visibility and control; segmented applications; threat prevention; process automation; and central management.”

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.