There is a constant struggle between Security teams and DevOps teams, while the first tries to raise awareness on the cruciality of security. The fact is that security teams cannot succeed without the business users.
Recently we’ve been witnessing a change in the way DevOps capture security, and collaburate with security teams, that is only possible by shifting the security conversation to the language of developers and meeting them where they are. “Now, security teams and developers share a security mindset, which helps with day-to-day operations and the large security strides forward that require developer participation” says Michael Bargurt in his recent DarReading article.
Organizations with many developers who understand and promote security in their daily work are far more likely to promote and implement large security initiatives.
Enters Business Users and No-code/Low-code platforms
No-code/Low-code platforms are already becoming a major part of businesses digital transformation by allowing faster applications and automations development. It has already been predicted by Gartner that by 2025 more than 70% of all application development will be done using No-code/Low-code.
When No-Code/Low-code security is left out of the security team’s scope it can lead to a greater shadow IT issue as well as other security awareness problems.
In his recent DarkReading article, Michael Brgury is asking “can we apply lessons learned from DevSecOps to bringing business users closer to security?” And, reveals the secret sauce to how security teams should harness the power of business-users for their goals, what we should learn from past experience, and what the future holds.