A Fragmented Ecosystem Challenges a Coherent Security Strategy
- By building security into the DevOps process, it’s easier to ensure that apps have the security controls required for the environments in which they run.
- The security and risk management team has an essential role to play in balancing security requirements and risk-cost benefits across all aspects of the extended IT ecosystem.
“My job is more of a tutor to teach developers about security awareness and the framework. Our job is to translate the security framework requirements into a language which developers understand.”
Avinash Tiwari, who oversees information security and risk management at a U.S.–based financial services company, sees the modern IT ecosystem as a complex security challenge that requires different but coordinated approaches to achieving a desired security posture. A coherent strategy affects how companies secure applications they develop and how they secure the environments in which those applications run.