To get IT operations, software program builders, and security groups on the identical web page, Qualys’ Livne advises specializing in widespread objectives.
“From a group perspective, have a look at how one can create shared objectives throughout developer, IT operations, and security groups to work collectively and ship higher outcomes. Engaged on widespread aims makes it simpler to collaborate, talk and get rid of dangers,” he says. “This additionally improves accountability throughout all of the groups concerned, reasonably than shifting blame between groups, as has occurred previously.”
Pentest Individuals’s Newton provides: “Important enhancements in patching practices might be made by establishing joint possession of patch supply between IT and security groups.”
Dave Harvey, director of the cyber response group at KPMG UK, agrees, including that profitable corporations infuse safe practices early of their improvement processes.
