THE DENOUEMENT OF DEVOPS. Frank Bunger - VP Customer Success

Transcription

1 THE DENOUEMENT OF DEVOPS Frank Bunger - VP Customer Success

2 ABOUT ME 10 years IT Ops, InfoSec, Professional Services Current: ScriptRock Former: Bromium, Ensim, Silicor Materials Silicon Valley Startup Veteran Past Life: Professional Trombonist Oakland Symphony

3 TODAY WE RE GOING TO TALK ABOUT

4 DENOUEMENT The denouement is the final outcome of the story, generally occurring after the climax of the plot. Often it's where all the secrets (if there are any) are revealed and loose ends are tied up source: writersdigest.com

5

6

7 CONTRASTING DEVOPS Unicorns, Rainbows, Venn Diagrams Themes: Empathy, Work Together, Break Down Barriers, Cross-Functional Teams #HugOps

8 WITH INFOSEC Shields, Locks, Silos Themes: Security, Isolation, Stop Threats, Protect Critical Infrastructure #CyberWar #Security

9 DEVOPS JARGON Agile Test-Driven Approach Automation Snowflake Continuous Delivery CoffeeOps Continuous Integration Sparkly DevOps Princess

10 WITH INFOSEC JARGON Threats Data Theft Cyberwarfare Breach Attack Infiltration Exploit Hack

11 SOME DUDE NAMED BRENT? source: survivingourdebt.com

12 CAN THESE TWO WORLDS WORK TOGETHER?

13 NECESSITY IS THE DRIVER

14 THE INFOSEC PROBLEM Up and to the Right: Attacks Breaches Exfiltration Malware Extortion Exploits

15 WHAT DOES THE ENTERPRISE DO? Layer on security tools IDS, IPS, SIEM, Endpoint, Proxy, WAF CSO musical chairs

16 BUT DOES THAT HELP? The Perimeter is Dead Delicate version-dependency dance for many day-to-day business critical apps Large co s end up on ancient versions of Java, Flash, openssl, or weeks behind on updates These ancient versions will have many known exploits Exploits are too easy

17 NUMBER OF EXPLOITS IN SOFTWARE problem is getting worse roughly one exploit per thousand lines of code thousands of new potential exploits per day

18 Software will eat the world - Marc Andreessen

19 BEST CURRENT HOPE FOR THE ENTERPRISE patch patch faster seriously patch faster seriously patch faster right now

20 BUT HOW?!

21 source: clipartpanda.com

22 NEW CONCEPTS!

23 DIGITAL RESILIENCE The ability to design customer applications, business processes, technology architectures, and cybersecurity defenses with the protection of critical information assets in mind source: mckinsey.com

24

25 Continuously Integrated Digital Resilience A set of practices aimed at all stakeholders in the SDLC for building security best practices into coding testing, and releasing software, faster and more frequently.

26 DEVOPS IS THE CATALYST DevOps is a Method Means to an end - faster deployment also means faster patching

27 COLLISION OF DEVOPS & INFOSEC rapidly move security patches and secdev from dev to qa to prod patch with confidence that critical services will not go down enable security

28 THAT S GREAT BUT HOW DO I MAKE IT WORK?

29 COMMON ORG STRUCTURE Dev Ops Sec

30 DIGITAL RESILIENCE CZAR Dev Ops Sec

31 SUCH STUFF AS DREAMS ARE MADE ON Is it? Left Behind Enterprises will not be able to Compete

32 SUMMARY DevOps and InfoSec are converging Out of necessity Whether you like it or not Every product line or BU must have one Digital Resilience Czar, who is responsible for the entire SDLC including Dev, Ops, and Security

33 Continuously Integrated Digital Resilience