Security starts with architecture

2021-03-04 06:00

The battle against hackers and threats is an arms race against highly motivated opponents, and with the number of attacks and threats continually growing, it's impossible to achieve security by simply patching up a broken architecture with single, niche tools.

There is an invariable disconnect between where and how security policies are framed, security is enforced, and security is audited.

While security officers are responsible for ensuring the integrity of security platforms, they are not the ones charged with developing the security solution to protect them.

Relying on developers to fix one issue at a time and on DevOps engineers to employ a niche tool for each type of threat will never create a sound architecture, and the status quo cannot provide the long-term security that businesses desperately need.

Ultimately, the responsibility will fall in the hands of the development and DevOps teams to build secure systems and fix security problems.

Security policies must be applied into the product development life cycle right where code is being written, data systems are being developed, and infrastructure is being set up.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/IqI-dOoiJtY/

#security