Presenter: Anne Marie Zettlemoyer – Mastercard
Hosted by: Chris Roberts – Attivo
As security professionals we often lament on the still current reality that security is often an afterthought in the development processes, hastily and reluctantly bolted on at the end. There is no shortage of angst and frustration on this topic. We pontificate, theorize, analyze, and preach until we are blue in the face on how to win the argument of “speed of delivery vs. delivery securely”, “write access vs. right access” and so on – how to “get them to do better” while the other side watches us with our flailing arms and wonders the same thing. How do we move from talking past each other and admiring the problem to truly actioning change? What does it take to actually get started on the DevSecOps journey? This talk will focus on simply that – how to get started. From understanding, quantifying, and translating the problem to be solved and gaining support and the resources to meet it, we’ll discuss how to get buy in from the bottom and the top in order to make the start of the journey a viable and successful one.