Access your Pro+ Content below.
DevOps and security? Here's how
The automation of development and operations processes, known as DevOps, is catching on in project teams and business units across industries. The missing component in many of these high-risk scenarios? Security. To make DevOps and security work together, CISOs need to have ongoing collaboration with developers, automating security checks early in the process and providing them with visibility and feedback. In this issue, early adopters of the DevOps and security model share tips on how to defend the cloud's continuous improvement model.
Retailers, led by Wal-Mart Stores, Home Depot and the National Retail Federation, contend that the two-factor authentication provided by chip and PIN card technology offers the highest level of security. Financial institutions, led by Visa, MasterCard and the American Bankers Association, say it's the microchip embedded in the card that matters because it combats counterfeit fraud. We look at both sides of the chip and PIN card debate.
The consequences of a company's failure to stay apprised of data protection laws and to implement best practices can be dire. Organizations may find themselves not only targets of post-breach lawsuits, but on the receiving end of the Federal Trade Commission's scrutiny. By pooling the collective knowledge of the legal and IT security organizations, and by staying on top of requirements and updating them as appropriate, CISOs can cover all of their bases in a comprehensive way. We tell you how to set up the swim lanes of a legal partnership.
Access this PRO+ Content for Free!
Features in this issue
Intuit did it. Etsy did it. Netflix did it. How fast moving companies are integrating security into the agile DevOps cycle for continuous deployment of software and services.
The banks and the retailers have divergent views on how best to secure credit card transactions. Will the courts decide between signatures and PINs? Or will market forces win out?
The CISO's role as the protector of an organization's data intersects with responsibilities of corporate counsel. Here's how to keep the communications flowing in sticky situations.
Columns in this issue
Delays, "no" and "redo that work" causes many developers to avoid IT security. With DevOps, proponents aim to make security at scale everybody's problem.
Malicious or criminal attacks take a longer time to identify and contain, research shows, leading to a higher cost per breach. We look at the numbers.
CISOs have more influence in enterprise cloud adoption, from the procurement of cloud services to controls and policy enforcement in layered environments.