Your software defines your business. It’s what sets you apart, but it’s also what can bring your organization down if it’s not secure. There’s a constant conversation around the need for a unified approach to software security. That’s really what DevSecOps is all about—and yet, the current AppSec model is anything but collaborative.
This schism between security teams and developers, this cultural divide, comes into play primarily in the way it affects our ability to rapidly build and deliver secure products. CISOs and product security leaders must be able to answer the question, “Who owns security?” And the answer can’t just be “I do.” Even though DevSecOps promotes a mindset of shared responsibility, without accountability and executive-level support, “everyone” owning security can quickly lapse into “no one.”
And without this critical piece lodged firmly in place, there’s still lots of work to be done.