Tuesday, November 26, 2024

HHS lead says Successful DevSecOps Starts With Trust

“The software development lifecycle begins the moment a person has a bright idea about a new application. If the developer trusts that security professionals want to improve its creation, rather than think they just impose roadblocks, bringing the idea to fruition will run much more smoothly…”

“Greg Edwards, CISO for the Federal Emergency Management Agency, said that when the requirements for a new software application are developed, the security requirements should be included.

‘We all know this, but why haven’t we embraced this more fully?’ Edwards said. ‘It’s the trust factor, and it’s the timelines. Sometimes it’s difficult to wedge in security in those milestones … Understanding that security will affect the implementation timeline [means] we have to talk about software development.’…”

“Nicole Willis, CTO for the Office of Inspector General, Department of Health and Human Services, said the increased focus on security represents a big culture shift.

‘We’re implementing security at all levels of projects, from planning [on to release],’ Willis said. ‘We’re embedding security in our DevOps team. It’s important that they have that security mindset in place as they develop the projects.’…” Read the full article here.

Source: Successful DevSecOps Starts With Trust, Government Experts Say – By Patience Wait, January 18, 2022. Nextgov.

[related-post]

LEAVE A REPLY

Please enter your comment!
Please enter your name here

FedHealthIT Xtra – Find Out More!

Recent News

Don’t Miss A Thing

Jackie Gilbert
Jackie Gilbert
Jackie Gilbert is a Content Analyst for FedHealthIT and Author of 'Anything but COVID-19' on the Daily Take Newsletter for G2Xchange Health and FedCiv.

Subscribe to our mailing list

* indicates required