If you want to scale security you can’t command it; you have to embrace it as a functional part of the organization.
Security has to be embedded in the technology environment you’re deploying (think DevOps) or within the other departments, explains Reck. That’s the only way security can grow within an organization.
Watch the full video interview with Robb Reck here:
VIDEO: Robb Reck Interviewed at RSA 2017
Security As Part of a Product’s Functionality
Security has to be part of everyone’s job. But security doesn’t become everyone’s job just because the CISO has asked for it to be. It becomes part of everyone’s job because the organization embraces it, says Reck.
As a security professional, if you want to help the business, go back to the product teams and ask them what makes them successful, says Reck.
“Once you’ve done that, and you’ve really been able to put yourself in the seat to say, ‘Hey, in order for us (security) to succeed they’re (the product departments) going to have to succeed,’ then when you come to them and say, ‘Here’s what we need to do to achieve the security goals of the company,’ they know you’re coming from the right perspective,” says Reck. “They know what you’re out to accomplish and they’re a whole lot more receptive to it.”
ABOUT PING IDENTITY
Ping Identity is the leader in Identity Defined Security for the borderless enterprise, allowing employees, customers and partners access to the applications they need. Protecting over one billion identities worldwide, the company ensures the right people access the right things, securely and (Read more...)
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Videos. Read the original post at: https://threatmatrix.cylance.com/en_us/home/robb-reck-embedding-security-throughout-organization.html