Adam Clater, chief architect for North American public sector business at Red Hat, wrote in a Nextgov article published Monday that government agencies should address the cultural divide between development, security and operations teams by creating an environment that is built on trust in order to meet their mission objectives.
He cited the efforts of development teams to integrate technologies into software development processes to address chaos and reduce its impact on operations.
“This is a distinct behavioral shift“”a quest to automate as many development, test and QA processes as possible, to include deployment, code quality and even security scanning,“ he wrote. “These tools and methods lend themselves well to the concepts of transparency and communication“”cornerstones of a culture built on trust.“
Clater called on development groups to make continuous integration/continuous deployment pipelines transparent to the IT organization through a dashboard that can be used for planning, discussion and feedback.
“That way, other teams can see how quality measures such as stress and security testing and code scanning are contributing to the secure and stable application environments that operations and security want to see,“ he added.
He said agency chief information officers should prioritize efforts to improve communications in order to build up trust among DevSecOps teams.