Compliance by Design – Key Learnings from the DevOps Culture Shift
We have an urgent need as a professional community to reset the way in which we work. Thousands of companies are either building-in or migrating-to the public cloud, and in the process of doing so, they must now solve for security and compliance.
To keep up with the speed of change occurring in our industry, IS audit, control, and security professionals must adopt similar tenets of the DevOps ethos to keep up. Additionally, through an understanding of the culture that is currently being formed around software development and engineering, we can improve our collaborations with these teams and more closely align on common goals.
In this presentation, we will briefly discuss some key areas of the DevOps ethos, namely, empathy, ownership, and accountability. We will then deep dive into what compliance by design is, several real-world examples of how this is being performed today, and how understanding and adopting some of these practices will assist you as a professional.
Attendees will come away with:
- A high-level understanding of how DevOps is impacting the way we work
- Real-world examples of how compliance by design is being used today
- Proposed methods for adopting and evangelizing these methods within your organization
Co-founder and CEO of Shujinko
Mr. Scott Schwan is a co-founder and serves as Chief Executive Officer at Shujinko. Previously Scott was the director of cloud engineering at Starbucks, where he led a team of talented devsecops engineers practicing infrastructure and security as code to build a shared platform for Starbucks development teams. Prior to Starbucks, Scott was a technical leader at CARDFREE, Tommy Bahama, PricewaterhouseCoopers, and SAP. He has a background in security and infrastructure engineering that is heavily focused on PCI, retail, e-commerce, mobile order and pay (MOP), and loyalty.
Consent for Photos, Audio and Video Recordings Taken at Events or for Marketing Purposes
By attending this event I agree irrevocably and free of charge that ISACA or any third party who is acting on ISACA’s behalf may create images, videos and/or sound recordings of me (“works”) at the event for marketing purposes. For these purposes, the granting of rights in the works also includes the rights to adapt, reproduce, distribute, perform, making available to the public, broadcast, retransmit or sublicense the works to ISACA’s affiliates. The granting of rights in the works also includes all current and future media, goes beyond the repetition of an event and is not restricted to time or territory.