SecOps Revisited: The Challenge of DevOps for Security

Since we covered SecDevOps in May 2015, SecOps, DevOps and software-as-a-service (SaaS) have become mainstream among developers and consumers. The rate of cyberattacks also rose sharply during that time, suggesting that fraudsters are as determined as ever to breach cloud defenses.

Planning and SecOps Certification

IT managers should conduct threat modeling and risk assessment at the beginning of the planning stage. Shadow IT can make it even more difficult for IT teams to understand, assess and control their assets.

ISO27k is one of the most important frameworks for cybersecurity professionals to understand. Customers demand assurances that organizations employ IT best practices across all stages of the cloud delivery model. Frameworks such as ISO27k provide independently certified approaches to building trust with customers.

Data Sharing Is Key During Development

The development stage focuses on the best implementation practices for secure engineering. During this phase, developers must implement encryption models and understand their performance implications in an environment that mirrors production. They should then conduct security scans and penetration testing and share the results to empower the engineering community. Finally, IT managers should train developers to identify security risks.

When evaluating a content delivery network (CDN), IT decision-makers should carefully consider endpoint protection services such as rate limiting. The desire for identity federation and recent high-profile vulnerabilities in social media accounts have led to a resurgence in the need to protect assets from traditional attack vectors such as brute-force password login. It is critical for cloud service providers to have access to all log data to mitigate these risks.
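As an added illustration (not code from the original article), the sketch below shows why complete log data matters alongside rate limiting: counting failed logins per source IP and per target account in a sliding window also catches attempts spread across many addresses. The log format, thresholds and the function name detect_bruteforce are assumptions, the sample lines are constructed, and records are assumed to arrive in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (not from a real system): time, source IP, account, result.
SAMPLE_LOG = """\
2017-01-10T09:00:00 198.51.100.7 alice FAIL
2017-01-10T09:00:05 198.51.100.7 alice FAIL
2017-01-10T09:00:09 198.51.100.7 alice FAIL
2017-01-10T09:01:00 203.0.113.10 bob FAIL
2017-01-10T09:01:10 203.0.113.11 bob FAIL
2017-01-10T09:01:20 203.0.113.12 bob FAIL
2017-01-10T09:02:00 192.0.2.44 carol FAIL
2017-01-10T09:02:45 192.0.2.44 carol FAIL
2017-01-10T09:03:30 192.0.2.44 carol FAIL
2017-01-10T09:03:31 192.0.2.44 carol OK
truncated line
"""

def detect_bruteforce(log_text, window_s=60, threshold=3):
    """Return {(kind, key)} where kind is 'ip' or 'account' and key reached
    `threshold` failed logins inside a `window_s`-second sliding window."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)      # (kind, key) -> timestamps of recent failures
    alerts = set()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                 # skip malformed records rather than abort
        stamp, ip, account, result = parts
        try:
            ts = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        if result != "FAIL":
            continue                 # successes do not reset the counters
        for key in (("ip", ip), ("account", account)):
            q = recent[key]
            q.append(ts)
            while ts - q[0] > window:
                q.popleft()          # drop failures older than the window
            if len(q) >= threshold:
                alerts.add(key)
    return alerts

if __name__ == "__main__":
    for kind, key in sorted(detect_bruteforce(SAMPLE_LOG)):
        print(f"ALERT {kind}={key}")
```

On the sample, the attempts against bob come from three different addresses, so only the per-account counter flags them; the slow attempts against carol stay under both counters at the default window.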

Respond, Review, Repeat

The operations stage involves security monitoring and incident response. IT managers must assess all new data within the context of the security controls that were implemented during the development stage. They should then review the new features against the original threat model and ensure that new hardware and workstations are managed correctly to prevent shadow IT.

It’s critical to manage user access, especially privileged access, and adjust credentials regularly to meet business needs. Furthermore, IT teams should share vulnerabilities and regularly review processes related to logging security incidents.

A Bright Future for SecOps in 2017

Information is key. Cybersecurity leaders must determine whether they have the necessary forensic tooling and skills to react quickly to security events, build incident response plans and gather forensic data.

Audit readiness is an ongoing process. IT leaders must constantly question their ability to successfully pass an audit at any point in time. Operational readiness is equally important. Developers want to release new features as quickly as possible, and this often clashes with the operational responsibility to sustain a service. Any change to the IT environment should be reviewed by all stakeholders.

Machine learning should deliver a new set of tools to engineering and operational teams and unlock a new partnership between security analysts and technology to outthink and outpace threats, setting developers up for a successful and secure 2017.


Cathal O'Donovan

DevOps Manager, IBM

Cathal has spent 17 years in the IT Industry as a Developer & Manager. He has a general interest in all things IT.