Disciplined Agile

Why Security?

Why is security important? Because security breaches can be devastating. Here are just a few examples:

  • The ransomware attack in May 2021 on Colonial Pipeline that forced a temporary shutdown of gasoline (petrol) supplies to the east coast of the United States.
  • Russian-backed cyber-espionage attack on thousands of US-based organizations, including several branches of the US government, in late 2019 and into 2020.
  • The April 2020 theft of over 500,000 Zoom teleconferencing accounts, including email addresses, passwords, personal meeting URLs, and host keys.
  • In January 2020 over 280 million Microsoft customer records was left unprotected on the web. Microsoft’s exposed database disclosed email addresses, IP addresses, and support case details.
  • In July 2019 Capital One suffered a data breach where the records of 100 million credit card applications were stolen.
  • In May 2017 Equifax had the personal identification information of 143 million people stolen from them over a three-month period.
  • The March 2015 security breach of Slack ‘s database where 500,000 emails and other personal account information was stolen.
  • The October 2015 breach of Experian/T-Mobile where the personal data of 15 million was exposed. 

As you see in Figure 1, security is an important part of our overall Disciplined DevOps strategy. A successful DevOps approach requires you to streamline the entire flow between delivery and operations, including any activities required to ensure security.

Disciplined DevOps Workflow

Figure 1. The workflow of Disciplined DevOps.