In this session, “Software-Defined Security Governance: Evolving Security Initiatives to Facilitate Digital Transformation,” Jim Routh, CISO at MassMutual, and ZeroNorth CTO John Steven will share insights into how financial institutions can enact software-defined security governance, enabling secure DevOps and supporting the mission of delivering a continuous stream of software capabilities without creating risk to the business.
Digital transformation, DevOps and cloud adoption have changed software delivery for financial institutions. It’s all about software and the infrastructure on which it runs, and delivering new capabilities quickly is non-negotiable. Software underlies nearly every facet of organizations, from the capabilities they deliver to the way they engage with partners and employees. If security initiatives can’t keep up with the rate of software delivery, the organization is forced to conduct business without up-to-date visibility into the risk it and its customers face.
Security initiatives are chasing the wrong goal: it’s not enough to reduce friction along “continuous delivery” pipelines. Security must be “applied-by-default” to the setup and execution of software-defined delivery and operations workflows from start to finish. By building towards a software security lifecycle management strategy, financial services organizations have an opportunity to ensure security is inextricably linked to software, every step of the way.
Registration information for FS-ISAC members can be found here.