A Framework for Continuous Security
Maintaining the resiliency of data, assets, systems, and the network is mission-critical. DevOps must continuously improve resiliency with application security tools that automate security posture assessment and manage security risks.
DevSecOps: Lessons Learned
Adoption of DevSecOps and the security improvements thereof has been quite impressive and has exceeded our own initial expectations.
DevSecOps: Security at the Speed of Business
In Part One of this blog series DevSecOps - Win Win for All, we established a foundation for DevSecOps practices with our Cloud Security Manifesto. In Part 2 of this series, we will describe another key aspect of DevSecOps – developing security guardrails with a hands-on approach via Agile hackathons.
DevSecOps: Win-Win for All
[This is part one of a four-part blog series about DevSecOps.] Today, companies are transforming their business to offer customers connected digital experiences where products and services are increasingly powered by mobile, cloud and data analytics capabilities. Developers in turn are moving to Development Operations (DevOps) processes to meet the need for greater agility and […]
For Women in Cybersecurity, Possibilities are Endless
This blog is the third in a series of posts sharing perspectives from Cisco women in security. Previous blogs featured Michele Guel, Engineer and Chief Security Architect and
Security Blog Story – Part 4: Lessons Learned
Editor’s Note: This is the final installment of a four-part series featuring an in-depth overview of InfoSec’s (Information Security) Unified Security Metrics Program (USM). In this blog entry, we discuss some of the lessons learned during the program’s first year. Winter weather in the North Atlantic Ocean can be precarious at best. Anyone recall the […]
Making Your Metrics Program Effective Beyond Just Charts and Numbers
Information security is all about risk reduction, and risks are notoriously difficult to measure - ask any insurance salesman or actuary. So how do we handle this conundrum for a security metrics program that hasn't even reached its second anniversary yet?
Security Metrics Starting Point: Where to Begin?
Editor’s Note: This is the second part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program. In this second installment, we discuss where to begin measuring. H. James Harrington, noted author of Business Process Improvement, once said “Measurement is the first step that leads to control and eventually […]