Nobody wants to own Security

Developers don’t want to be told “NO” by the Security team. They also don’t want to be responsible for security. Is Shift Left the right or wrong answer?

SHOW: 728

CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw

CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"

SHOW SPONSORS:

• Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and Spotify
• Keep up to data with Enterprise Tech with theCUBE
• CloudZero – Cloud Cost Visibility and Savings
• ​​CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spend

SHOW NOTES:

• Speed vs Security - Protecting CloudNative Environments
• Cloud-native Security and Compliance (VMware Tanzu Talk)

THANK YOU TO ALL THE DADS OUT THERE ON FATHER’S DAY

• Happy Father’s Day!

WHAT’S THE RIGHT ANSWER TO DEVELOPERS AND SECURITY?

• Every IT survey places Security in the Top 3 priorities, year after year
• Who is actually able to measure the value of good vs bad security?
• The independent IT group called Security is frequently disliked
• DevSecOps, Shift-Left and Secure Supply Chain has been invented to fix this
• Developers generally don’t want to think about security, because it impacts their productivity and measured KPIs
• Is this a platform problem, or CI/CD problem, or compliance/standards problem?
• Will the challenge of security force more groups/companies to move away from microservices in the future? 

FEEDBACK?

• Email: show at the cloudcast dot net
• Twitter: @thecloudcastnet