To get IT operations, software developers, and security teams on the same page, Qualys’ Livne advises focusing on common goals.
“From a team perspective, look at how you can create shared goals across engineering, IT operations, and security teams to collaborate and deliver better results. Working towards common goals makes it easier to collaborate, communicate and eliminate risk,” he said. “This also improves accountability for all parties involved, instead of placing blame between parties, as has happened in the past.”
Pentest People’s Newton adds: “Great improvements in patching practices can be made by establishing joint ownership of patch delivery between IT and security teams.”
Dave Harvey, director of the cyber response team at KPMG UK, agrees, adding that successful companies incorporate secure practices early in their development processes.
Source link