Events , RSA Conference , RSA Conference Videos

Out-Siloing Security and Development to Mitigate Cyber Risk

Harness Field CTO on Why Security Must Be Part of Development, Not Post-Production
Nick Durkin, field CTO and vice president of field engineering, Harness

DevOps is a fascinating software engineering trend that makes digital transformation possible. But if it takes a long time to remediate a security issue, the process of software development slows down dramatically.

See Also: Safeguarding Election Integrity in the Digital Age

The problem lately is that security and development are treated as two disparate processes, said Nick Durkin, field CTO and vice president of field engineering at Harness.

"We've got people dealing with security issues after the fact - once it's in production. We're not actually making it part of the pipeline. Not shifting the workload left but shifting the information left and giving it to engineers when it matters allows us to start making sure that it's easy for people to do the right thing, and it's really hard for them to do the wrong thing," he said.

In this video interview with Information Security Media Group at RSA Conference 2023, Durkin also discusses:

  • What it means to shift information left and how it affects security;
  • How application development efficiency can be optimized by user organizations;
  • Modern ways to enable more efficient workflows for developers.

Durkin previously served in technical and executive roles in OverOps, DataTorrent and Early Warning. He was lead architect on the Department of Homeland Security's FIVICS initiative and has patented multiple anti-fraud technologies currently used by financial institutions.


About the Author

Rahul Neel Mani

Rahul Neel Mani

Founding Director of Grey Head Media and Vice President of Community Engagement and Editorial, ISMG

Neel Mani is responsible for building and nurturing communities in both technology and security domains for various ISMG brands. He has more than 25 years of experience in B2B technology and telecom journalism and has worked in various leadership editorial roles in the past, including incubating and successfully running Grey Head Media for 11 years. Prior to starting Grey Head Media, he worked with 9.9 Media, IDG India and Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.