The Challenges of Adopting DevSecOps at Fast-Paced FirmsHatim Matiwala of GitHub India Shares Ways to Future-Proof DevSecOps
DevSecOps is about security enablement at every stage within the organization - the people, process and technology. Hatim Matiwala, enterprise sales manager for West and North India at GitHub, says, "It's no longer monolithic. It's all about the cloud and cloud-native applications, containers, infrastructure as code and so on."
See Also: The Shift to a New Cloud–Native Security
"Developers are getting frustrated that they are spending more time ... solving security issues rather than what they love to do, [which] is ... coding," Matiwala says.
Matiwala cautions that industrywide, even seven days after vulnerabilities are detected, only 15% of them have been fixed. After 90 days, only 45% have been fixed.
"So you're not able to keep up with the fixing. It's easy to detect, but remediation is the problem that the industry is facing today," Matiwala says.
In this video interview with Information Security Media Group at ISMG's Cybersecurity Summit held in Mumbai, Matiwala discusses:
- How to establish future-proof DevSecOps in this fast-paced digital age;
- Trends and imperatives for DevSecOps to address application security;
- Overcoming challenges in adopting DevSecOps.
Matiwala has served in the IT industry for over 20 years, spanning customer, consulting and vendor points of view. Before joining GitHub, he was with Automation Anywhere, Blue Prism, Amazon Internet Services and SAP India, among other companies. Matiwala's specialties include territory management, large account management, specialized solution sales, business development and presales.