She quotes Gartner: “95% of cloud breaches occur due to human errors such as configuration mistakes”. Passwords in repositories, for instance.
A common problem is deadlines. It is easy to cut back a bit on security to meet a business deadline or objective…. Manual processes and culture also hinders security innovation. Interference from management. Fear of failure. Lack of learning.
Devops: people, process, products. Five main things to pay attention to:
Enable secure development. What tools do you use?
Secure your development devices and development environment.
Make sure your source code control is secure.
CI/CD tooling and all the other automatic checks you can do.
Good alerting and monitoring.
My name is Reinout van Rees and I work a lot with Python (programming language) and Django (website framework). I live in The Netherlands and I'm happily married to Annie van Rees-Kooiman.
Most of my website content is in my weblog. You can keep up to date by subscribing to the automatic feeds (for instance with Google reader):