Over the past few years the Pokemon Company established a DevSecOps culture around Pokemon Go. Today’s columnist, Robert Brennan of Fairwinds, offers advice on how companies can effectively balance the trade-off between development speed and security. (AdamPurves S3ISOR/ CreativeCommons Attribution 2.0 Generic CC BY 2.0)

Software companies succeed on their ability to ship valuable features quickly. Ideally, companies would give teams ample time to take security into consideration and think through all the implications of their code and configurations. But when the deadline pressure gets turned up, security becomes less of a priority.

While this may sound frightening, sometimes there are legitimate reasons to forego the tightest security constraints in favor of faster time-to-market. And there are steps companies can take to ensure that basic security hygiene gets practiced. Companies don’t need to maximize security at the cost of all else, but rather navigate the trade-off in a way that benefits users, employees, and the business. Let’s take a look at the tension between speed and security from an engineering standpoint, and identify how we can strike a balance that keeps us moving forward quickly and securely. 

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.