Security News > 2023 > July > The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left
As a result, security is an afterthought, and any attempt to squeeze siloed security into agile SDLC can swell the cost of patching by 600%. A new cloud security operating model is long overdue.
Stripping back to a system of low context may have drastically sped up the CI/CD pipeline, but this low-context approach is disappointing for any attempt to shift security to the left.
To build a cloud security program that can actually shift left, the bulk of this organizational culture change must come from a top-down, strategy-first approach that takes people, processes and technology into account.
Shift-left works best when security is already in the back of your security team's mind.
At the level of security analyst and developer, the democratization of security knowledge is how you get into every single app and pipeline being built.
As a result, security can finally saturate the earliest phases of the SDLC. Melody Hildebrandt, CISO at Fox, recognized that her team was staggering under the weight of its own security tooling.
News URL
https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html
Related news
- Whitepaper: Reach higher in your career with cloud security (source)
- Transforming cloud security with real-time visibility (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft lost some customers’ cloud security logs (source)
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)