Using DevOps for Improving Cybersecurity
In the current digital era, IT organizations are striving to become more efficient and continually respond to the ever-changing customer, business and market requirements. The responsibility of IT to support – and even manage – business processes is increasingly growing, and this fact has changed the way IT organizations work internally, as IT needs to deliver outcomes faster every day. Application Development departments have adopted Agile approaches to increase the speed of delivery and deployment of software in the live environment, but the advantages gained through the adoption of new approaches many times represent disadvantages for other parts of the organization.
The Inherent Risk of IT’s Increased Workloads
As Application Development teams focus on producing larger amounts of software, IT Operations teams are fighting against (and most of the time complaining about) disruptions and incidents that could have been foreseen and prevented in the development stage. The incidents that have the highest priority for IT organizations, and that clearly affect the customer organization, are Information Security Incidents, which are materialized once a cybersecurity threat finds a way to exploit a vulnerability in the organization, and then may result in a security breach. It is well known that these vulnerabilities are prone to come precisely from the software the organization uses for enabling business processes or activities, and these could be commonly avoided if Application Development or Software Implementation teams were able to foresee them.
How DevOps Helps
In those cases where a security breach occurs due to an overlooked threat in the development stage, DevOps is something that the affected IT organizations could have used to prevent this from happening. DevOps is the cultural movement that encourages people (specifically Development and Operations, though it can be applied beyond these two) to collaborate and provide feedback to each other that will help them understand each other’s environment. It also leverages the current ITSM capabilities, such as those based on ITIL, SCRUM, Lean IT, and other agile and best practice frameworks, in order to get the highest value from a holistic use of all these approaches.
50% of security breaches occur due to a lack of security awareness by the organization, and I can assure you that in a good extent this awareness is needed by the Application Development teams, and it can certainly be provided by the Operations teams — if only they had the culture of working together, which by the way is promoted by DevOps!
It’s Not Only about Preventing, but also Recovering
In recent years, the term “IT Security” has evolved to “IT Resilience”, where not only it is important to prevent and protect, but also react once a threat is materialized and the organization is hit by the attacker. In the last five years, DevOps has proved to help IT organizations recover 24 times faster from failures, including security breaches, given that operations teams are more aware of how IT services are designed and built, hence the resilience capability of the IT organization as a whole is considerably improved.
Certainly DevOps will help IT organizations that are adopting it to integrate their IT security teams with the design, development and implementation teams, and I am looking forward to seeing in a few years how security reports and statistics show a significant improvement in the results due to this culture of collaboration and communication being implemented, applied and enforced in a mature fashion.
How are you protecting your organization with the Cybersecurity incidents?