On May 23rd, our speaker will be Alex Dow, presenting the topic: "Shimming Security into DevOps and Not Losing Any Friends"
Development, IT operations and security have not always been friends. In the late 2000's the DevOps culture was born and unlikely friends began introducing agility to how information systems are built and operated. However, as is tradition, cyber security was not invited to the party and the long standing adversarial relationship with cyber security teams continued. However, in the past few years things have changed. Cyber security has become more important to the business, regulations more prescriptive and privacy laws more punitive. This perfect storm of business drivers has made security a relevant part of the DevOps world in the form of... a new buzz word: DevSecOps.
In this talk we will discuss the existing challenges enterprises face with the three opposing forces, the evolution from DevOps to DevSecOps and how DevOps' anarchist methodologies can actually enable and improve your cyber security mission.
Over the past decade and a half, Alex has helped organizations increase situational awareness and enable better prevention, detection and responsive capabilities. Alex has worked within three mission critical Security Operation Centres (SOC), designed and operated the Vancouver 2010 Olympics honeypot and recently architected and built out the situational awareness platform for a large federal government environment.
Working within protected “B” environments for the majority of his career, Alex was staunchly opposed to cloud technologies, however over the course of the past few years he has come to the realization that cloud can actually enable better security than traditional IT, if you let it.
Beyond Alex’s day job, he teaches Cloud Security for The SANS institute, runs a not-for-profit and produces an annual cyber security conference: BSides Vancouver.