Move fast, break security: Why CISOs must push back against Agile IT

2021-12-16 08:30

The Vectra Masked CISO series gives security leaders a place to expose the biggest issues in security and advise peers on how to overcome them.

As the Agile dogma continues to spread, it's our job as dispassionate security leaders to push back.

Another classic request: "Can you give me a risk acceptance/security exception?" which could more accurately be translated as: "Can you compromise security to help me to meet my Agile delivery objectives?".

Security must be accepted as a mandatory functional requirement of any project.

It's astonishing how many Agile projects have "Security approval" as the last task in the sprint which inevitably causes delays.

For Agile projects to succeed, we may need to slow things down a bit and ask some difficult questions.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/12/16/move_fast_break_security_why/

#agile #ciso #security