Oct 12 2013
This is an incomplete thought.
This week I saw Gene Kim give his talk on DevOps and The Phoenix Project for the first time. I’d read the book and loved it, but I’d never seen Gene put life into the concepts himself. I was mesmerized by by his animation and energy in the presentation.
What at I couldn’t help thinking is, how can this be translated into security? DevOps has a security component, but it’s the collaboration between development and operations that makes this work. So how can that collaboration be expanded to cover the whole business? I’m probably expressing this poorly, but I think we need to work towards a business model where the whole business thinks of security as simply a part of how they think about how security is part of the fabric of what we do, rather than the bolt on it is now.
I’m going to have to give this a lot more thought, but I’m glad I got to see him talk rather than simply reading his book.