The topic of security and its focus seems to go up and down as much as an extreme rollercoaster. With the ever-changing landscape of technology and the rise of low-code/no-code apps, security seems to be an afterthought. However, as new apps and systems are implemented, it’s important to have security baked into all processes.
01:18: Gregg Ness and Shannon Smith highlight their tech background and what led them to the cybersecurity area.
02:58: The role that citizen developers play in app creation and security. This should lead to the rise of the Citizen Cyber Warrior.
04:43: There is a 500:1 ratio of security professionals to developers and admins. This leads to a breakdown of security focus and leads to higher levels of data risk.
05:57: Digital acceleration has led to a tectonic shift in application and software delivery and implementation. This introduces new problems and attack vectors across the tech ecosystem.
07:34: Defining a governance model with a Center of Excellence can provide a way to mitigate risk and span siloed apps and data within companies.
09:41: The C-Suite plays an important role in how security is viewed and the type of policies put in place. Collaboration across the C-Suite is needed for security to work throughout the organization.
12:50: Data privacy acts, such as GDPR and CCPA, are driving the need for security governance and risk mitigation. This helps various industries stay compliant as more tech ecosystems become more complex.
14:30: As data privacy becomes more important to consumers, this places higher scrutiny on a company’s brand. Consumers will recognize if companies are taking security seriously.
16:09: Some consumers and companies are giving up their data privacy for the sake of convenience. But, how far will this go before it causes backlash?
17:46: The QA cycle is sometimes more focused on features and functionalities instead of considering the security implications upstream and downstream.
21:52: Some people feel like security considerations can be a hindrance to development timelines and rollout schedules.
23:56: The pace of acceleration and modification with applications should really cause companies to adopt a robust DevOps process.
25:57: Security should be a factor of every single step of development and everyone should be aware of security from all levels of an organization.