Episode Summary: 

Start the new year off in a DevOps State of Mind. On this episode, Liesse chats with Chris Steffen, a research director for information security at EMA. EMA, formally known as Enterprise Management Associates, is a leading analyst and consulting firm that prides itself on going beyond the surface to provide deep insights about the IT industry. Listen in as Liesse and Chris make some DevSecOps predictions for 2022 and chat about what it takes to compete as a vendor today. 

About: Chris Steffen is

An experienced and high-performing information security industry expert with extensive experience in IT and security management, zero-trust security solutions, enterprise cloud security and architecture, public / private / hybrid cloud systems and enterprise cloud migration / optimization.

Enterprise Management Associates

Chapters:

1:31 On this episode Chris Steffen

2:54 Number one risk industries aren’t paying attention to

5:00 Developer-focused attack on SolarWinds (The hunt for shared secrets!)

6:08 The importance of API security

9:17 Testing APIs before bringing on a vendor

10:23 Important tools and practices for protecting shared secrets

13:12 Are we more security-minded?

15:19 An insider's perspective

17:06 What are companies focusing on (so should be focusing on)?

19:43 Security considerations for sellers (What should companies looking to be acquired focus on?

22:30 What it takes to be competitive as a security vendor

26:30 Keeping security running smoothly during a transition

27:48 Automation’s role (Does it help or hurt?)

31:55 Recap

On the next episode, I chat with Nick Durkin, Field CTO and VP of Field Engineering at Harness. Nick and I will discuss how to remove the most annoying parts of your job so that you can focus on what you do best and why AI and ML are the future of DevOps.