Where bits & bytes meet flesh & blood: Devops, Cybersafety, and the Internet of Things presented at AppSecUSA 2016

by Joshua Corman,

Summary : We've heard software is eating the world; software is infecting the world. Our dependence on connected technology is growing faster than our ability to secure it - in areas affecting public safety and human life. Adding millions of lines of code and connecting everything to everything else exposes cyber physical systems to new accidents and adversaries. This is truly where bits & bytes meet flesh & blood. While many in security fear DevOps and see it as the end of security as we know it... maybe that's a good thing. Our best is not good enough. Despite best practices, modern SW and Security have allowed 100 of the F100 to lose IP and sensitive information - even our governments routinely succumb to adversaries. These failure rates cannot stand with the consequences of failure being measured - not in record count - but in human lives and GDP. Paradoxically, it may take DevOps to rise to these challenges. Rugged DevOps is finding un-obvious common ground and break throughs like SW supply chain principles, greater visibility and response agility, immutable infrastructure, and the like. We must be better. This is what better looks like.