Public Sector Tech Talk E28: Aligning with the Cyber EO: A Look at the DevSecOps Requirements
With the advent of the President's Executive Order (EO) on Improving the Nation's Cybersecurity, public sector agencies are under immense pressure to increase deployment of new technologies. The EO joins other federal cloud regulations and frameworks, including NIST EO 11 recommendations, DISA STIGS, and more, that call for a balance between accelerated development processes and strong security measures through DevOps and DevSecOps. But how can agencies meet the demands of adopting emerging technologies with a focus on security? This episode will discuss why it is important to utilize an operational framework that takes DevOps and DevSecOps best practices used for application development and applies them to infrastructure automation. It will address how this approach can eliminate risk by incorporating continuous threat monitoring capabilities and, most importantly, how the National Security Agency (NSA) has adopted this framework to support a successful cloud migration initiative.
Goals and Objectives
After viewing this episode, you will have a better understanding of how the Cyber EO and NIST requirements align on DevSecOps as well as how to effectively integrate security into a DevOps lifecycle. You will also learn what an operational framework for DevSecOps is and why it is important for successful development programs.
Who should attend?
Public sector IT professionals looking to learn about emerging technologies and drivers shaping the future of government. This series is geared towards those that are developing and executing solutions that address the unique challenges faced by government agencies. In this case, a focus on DevSecOps.