The DevSecOps Playbook: Deliver Continuous Security at Speed

This Post Has 5 Comments

  1. Must read for building strong, collaborative IT teams
    I highly recommend Sean Mack’s book, The DevSecOps Playbook. When I started reading Mack’s book, I thought it was going to be about a new type of software or a new management tool or something else technical in nature. But no. It is about people. He writes, “People are at the core of DevSecOps. While tools and processes can help enable DevSecOps, it is, more than anything, about people. DevSecOps requires a cultural transformation with people at its core.”
    Mack intersperses his book with real-world examples from his own career – both those that worked well and those that, well, could have gone better had he known then what he knows now. He makes a convincing case for why collaboration between teams with different sets of responsibilities is a more powerful organizational principle than siloes and, even more helpful to me, he takes the idea of collaboration and makes it fun, something you want to be part of.
    We used to describe working with the three areas of IT as “herding cats” because that is what it would feel like to try to get everyone to remember we were supposed to be working toward the same goal. Mack makes it clear that tools can help keep everyone informed and updated but it is the underlying building of the personal relationships that creates the glue so it all can stick. He gives real-world examples that at times sound so simple (“check in on a colleague”) yet reflect his understanding of the working world and what makes people feel incentivized to want to be part of the team. Mack explains the importance of training and education and (my favorite part), making it fun. Yes, I would like to be part of a cybersecurity awareness team’s game of “capture the flag!”
    I highly recommend the book to all IT managers. I would also recommend it to anyone who wants to learn more about how to incentivize a team, build collaboration, understand what makes a group of people work together more effectively. It is not rocket science but it sure isn’t common knowledge either. Mack’s command of the material and thorough understanding of team building in a complex IT setting is top-notch.

  2. Well written and a solid guide for DevSecOps Modernization every leader must read
    This book provides great perspectives on how a modern DevSecOps playbook can transform an organization’s security and privacy capabilities without impeding the flow of delivery. There is enough content here including valuable insights, new concepts, references to industry leading tools, proven processes and frameworks to formulate a well put together strategy for a transformation. Great read for leaders looking to embark on a DevSecOps journey or just to educate themselves on the topic. Also, a must for those readers looking to learn more about DevOps as the author draws important parallels between the two cultural philosophies and practices.

  3. Excellent Overview
    DevSecOps Playbook isn’t a how-to book so much as a how-it’s-done book and that’s exactly what I was looking for. I’m not an engineer, but I work with people who are: this book gave me just enough background that I feel able to ask the right questions and make informed decisions. Strongly recommended for those seeking to hire and manage cybersecurity talent.
