Security News > 2023 > July > The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left
As a result, security is an afterthought, and any attempt to squeeze siloed security into agile SDLC can swell the cost of patching by 600%. A new cloud security operating model is long overdue.
Stripping back to a system of low context may have drastically sped up the CI/CD pipeline, but this low-context approach is disappointing for any attempt to shift security to the left.
To build a cloud security program that can actually shift left, the bulk of this organizational culture change must come from a top-down, strategy-first approach that takes people, processes and technology into account.
Shift-left works best when security is already in the back of your security team's mind.
At the level of security analyst and developer, the democratization of security knowledge is how you get into every single app and pipeline being built.
As a result, security can finally saturate the earliest phases of the SDLC. Melody Hildebrandt, CISO at Fox, recognized that her team was staggering under the weight of its own security tooling.
News URL
https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html
Related news
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- AWS unveils cloud security IR service for a mere $7K a month (source)
- Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security? (source)
- Best CSPM Tools 2025: Top Cloud Security Solutions Compared (source)
- CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value? (source)
- CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)