Why is security important? Because security breaches can be devastating. Here are just a few examples:
- The ransomware attack in May 2021 on Colonial Pipeline that forced a temporary shutdown of gasoline (petrol) supplies to the east coast of the United States.
- Russian-backed cyber-espionage attack on thousands of US-based organizations, including several branches of the US government, in late 2019 and into 2020.
- The April 2020 theft of over 500,000 Zoom teleconferencing accounts, including email addresses, passwords, personal meeting URLs, and host keys.
- In January 2020 over 280 million Microsoft customer records was left unprotected on the web. Microsoft’s exposed database disclosed email addresses, IP addresses, and support case details.
- In July 2019 Capital One suffered a data breach where the records of 100 million credit card applications were stolen.
- In May 2017 Equifax had the personal identification information of 143 million people stolen from them over a three-month period.
- The March 2015 security breach of Slack ‘s database where 500,000 emails and other personal account information was stolen.
- The October 2015 breach of Experian/T-Mobile where the personal data of 15 million was exposed.
As you see in Figure 1, security is an important part of our overall Disciplined DevOps strategy. A successful DevOps approach requires you to streamline the entire flow between delivery and operations, including any activities required to ensure security.