Over the past couple of years, a discussion has been brewing in the Security community about the future of its work. On one hand, the need for security is more urgent than ever as all areas of business and personal computing are being impacted by cyber threats. On the other hand, the process of delivering software has changed: We have significantly streamlined the development process by reducing organizational silos through various implementations of a DevOps culture.
So here’s the question: Faced with this changing landscape, how can Security transform the way it does business in order to contribute its full value — without negatively impacting development schedules and operational procedures?Security needs to adjust to the rapid and agile world of the cloud, but the transition doesn’t have to be difficult. The Ops community faced a similar transition when it integrated with Dev, and there’s much that Security can learn from their experience.
To help out, I’d like to share some of the things I’ve learned over the past few years as I witnessed Ops being integrated into Dev, along with some observations on how Security might use these lessons to transition into the DevOps world.
IT pros and developers can’t be excellent at everything. Instead, embracing specialization and empowering collaboration in your organization can achieve meaningful and lasting DevOps progress.
Building a collaborative and lightning-quick DevOps organization is a complex but critical business mission today. The technology industry is filled with a host of best practices that promise to help companies achieve this objective. Some of these suggestions make a great deal of sense. But many of the recommendations lead to mediocre results, and organizations simply can’t afford to be half-good when it comes to DevOps.
I’ve been at this a good while, and, as a technology team leader, I’ve found that embracing specialization and empowering collaboration in almost any organization can achieve meaningful and lasting DevOps progress.
Gene Kim launches
How To Create World-Class Agility, Reliability, & Security in Technology Organizations
Gene Kim, one of the most vocal advocates of DevOps, wrote the business novel The Phoenix Project (with co-authors Kevin Behr and George Spafford) in response to the common state of IT project development
Modern DevOps: Connecting business and IT
Bringing teams from different fields together in a good way is rarely easy, when those teams are involved in the same business processes but do not work together directly. That’s why a group of people led by Patrick Debois suggested a new concept back in 2009: DevOps. They offered a solution to tackle the problem which exists in both development (Devs) and administrative (Ops) level. The DevOps movement developed substantially and made fundamental changes to basic concepts in IT and their roles in organizations.
Originating from the idea of making processes in conventional IT settings – classic on-premise-server, separated dev- and ops-departments – smoother, the DevOps movement is now mostly concerned with consistent digitalisation and areas with a high pressure to innovate.
Powered by the internet, many industries are subjected to an increasing pressure to change. While some are still looking back half-heartedly at their losses in traditional market shares, others are already making steps toward an open, hard-to-plan future. Consistent digitalisation and high-performance IT-structures are imperative – as demonstrated by renowned companies such as Netflix, Spotify, and Uber.
What exactly are the driving forces in business towards a DevOps culture? Allow me to start by naming some (although certainly not all) buzzwords:
- Globalization results in increased competition in almost all industries.
- The internet is more than just a modern marketing and sales platform for traditional fields of business. It has the power to transform classic business models, modify them or make them obsolete altogether.
- Disruption is not an exception, but will be the norm in most markets. The ability to innovate will, therefore become the key to success for companies.
- Therefore, markets cannot be perceived as stable, making long-term planning obsolete. Iterative strategies and many changes will become essential for companies’ success.