Any advice for leaders who are looking to adopt DevSecOps but getting resistance from the org or dev teams? How can you overcome that pushback?

Chief Technology Officer and Chief Information Officer, 8 months ago
Share the horror stories about leaked data and lost business and reputation, how much it may cost. Present risks to the management. The leaders then should make this cause shared by their subordinates, dev and org teams. This is basically what their job role is. 
Chief Technology Officer in Software, 8 months ago
Prepare a 2 pager for pros and cons. Show results with migration of one project. 
CISO in Insurance (except health), 8 months ago
The lessons that I have learned over the years are:
1. The security team must have development skill and practical experience to speak the same language as the development team and to establish trust. 
2. Developers must lead the initiative showing buy in to the rest of the development teams. 
3. The development manager must believe in and support the project. 
Head of Corporate Development in Software, 8 months ago

I will echo your lessons. Having led product development and IT teams, if you want prod dev to be involved, you have to get them on board at all levels of the organization. Part of doing that is a preexisting respect of the security team, which means that team needs to be developers in their own right and speak the same language.

CIO, 8 months ago
It's all about getting a clear DevSecOps strategy defined and agreed upon with all the key stakeholders. The problem comes when the vision is not understood, and/or when the R&R is not well defined. I wrote a detailed LinkedIn article at the back of a strategic DevOps transformation that I led at my previous organization. Sharing the link here if it can be of any help: https://www.linkedin.com/pulse/devops-vision-strategy-sample-blueprint-large-sumeet-goenka/
Principal Consultant in IT Services, 7 months ago
Work with the development leadership on developing a secure software development lifecycle policy. Work on the approach of crawl, walk, run.
