Creating a security-oriented culture is a challenge for many businesses. There's a natural tension between development teams, that are under constant pressure to get new applications and features to market as quickly as possible, and security teams that need to protect critical systems and confidential data from hackers and cybercriminals.
Aaron McKeown, Head of Security Engineering & Architecture at Xero, understands these challenges firsthand. Aaron has spent the past five years promoting security awareness and best practices at his cloud-based accounting software company.
When I recently interviewed Aaron for a segment on AkamaiTV, he shared his three key tenets to building a security-focused culture:
- Communication: Create an environment where security and development teams work hand-in-hand, collaborating throughout the entire product lifecycle, from application conception through deployment.
- Continuous education: Advise product teams on security trends and best practices. Provide online training courses, reference materials and news bulletins to keep developers up-to-date.
- Enablement: Make it easy for development teams to embed security functionality and services directly into their applications without involving the security organization.
By following these three key tenets, you can improve your company's security posture and safeguard critical applications and data, without impairing the pace of development. To learn more about injecting security into your corporate culture, watch my entire interview with Aaron on Akamai TV.
Tara Bartley is a senior marketing manager for Akamai's Media & Carrier business.