3 ways to reduce stress on the DevSecOps team

My session focused on the stresses and burnout experienced by security teams, including recent data showing that 94% of chief information security officers suffer from work-related stress, and 65% admit their stress levels compromise their ability to do their job.
As technology stacks increase in complexity, DevSecOps teams are required to rapidly learn new skills, increase automation, and take steps to improve the developer experience.
The resulting stress and pressure on team members can lead to burnout, which affects the entire team and the end product.
Supporting new technologies and capabilities such as generative AI can be both a stress reliever and a source of stress for DevSecOps teams.
Here are three more ways DevSecOps teams can meet their core development, security, and operations needs and fulfill their mission while reducing stress.
3 ways DevSecOps teams can reduce stress Foster a generative organizational culture.
Before considering DevSecOps practices and tools, the most direct way teams can reduce stress and alleviate the risk of burnout is by addressing the organization and team culture.
Generative organizational cultures are performance-oriented and highly cooperative, and risks are shared across teams.
Create a safe environment of trust and mutual respect where the team's goals are more important than individual goals.
Help the team realize that devops is never done and requires a continuous improvement cycle where teams are willing to try new ideas.
Other activities to improve the agile development team and devops culture include learning customer needs, focusing on fewer but meaningful KPIs, and brainstorming innovative solutions.
DevSecOps teams can create learning activities beyond skills development and prioritize events that serve more than a social purpose.
Omer Cohen, CISO at Descope, suggests the benefits of collaborative team learning.
Institute a weekly problem-solving session where team members bring solutions, not just problems, and address challenges collectively.
Cultural practices must align with how digital trailblazers lead transformation initiatives and how team leaders collaborate with their teammates.
Instead of micromanaging, software development managers, product owners, and scrum masters can empower agile teams by communicating the product vision, avoiding rigid roadmaps, and following through on retrospectives.
Leaders can measure software development performance by measuring how well teams release reliably, improve customer satisfaction, and improve devops KPIs.
Both leaders stress the importance of communication, which is a key management practice regardless of how teams are organized or which management frameworks are utilized.
Automation, machine learning, and generative AI are possible solutions if the team feels overwhelmed with too much manual work.
Reducing stress can immediately impact DevSecOps teams and organizations by increasing employee happiness and improving productivity.


This Cyber News was published on www.infoworld.com. Publication date: Mon, 18 Dec 2023 10:13:05 +0000


Cyber News related to 3 ways to reduce stress on the DevSecOps team

3 ways to reduce stress on the DevSecOps team - My session focused on the stresses and burnout experienced by security teams, including recent data showing that 94% of chief information security officers suffer from work-related stress, and 65% admit their stress levels compromise their ability to ...
10 months ago Infoworld.com
DevSecOps: Definition, Benefits and Best Practices - DevSecOps is an approach that focuses on the alignment of the three core pillars of DevOps — Development, Operations, and Security. It’s a combination of processes, tools and practices designed to enable organizations to adopt innovative and ...
1 year ago Heimdalsecurity.com
Modern DevSecOps - DevSecOps - a fusion of development, security, and operations - emerged as a response to the challenges of traditional software development methodologies, particularly the siloed nature of development and security teams. DevSecOps aims to break down ...
10 months ago Feeds.dzone.com
3 security best practices for all DevSecOps teams - It's been over 10 years since Shannon Lietz introduced the term DevSecOps, aiming to get security a seat at the table with IT developers and operators. More organizations are looking to shift-left security to ensure that security is prominent in ...
11 months ago Infoworld.com
Beyond Protocols: How Team Camaraderie Fortifies Security - When we think about the many different tasks a security team must complete, many of them are challenging and time consuming, to say the least. Logic would dictate that if the security team is of high quality and its members enjoy working with one ...
10 months ago Securityweek.com
Meet the new CloudGuard: Risk Management in Action - Security teams need to plan the measures taken to reduce the harmful effects of a CVE, to ensure that the applications they are managing remain secure while business availability is not affected, and developers can continue with their day-to-day ...
10 months ago Blog.checkpoint.com
How to build a cyber incident response team - As an incident response manager himself, Valentin regularly coordinates security responses for companies of all shapes and sizes - including many of the examples discussed in this post. He explains everything you need to know about building and ...
11 months ago Heimdalsecurity.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
10 months ago Feeds.dzone.com
The Elusive Quest for DevSecOps Collaboration - Despite years of discussing DevSecOps, achieving security and development collaboration remains an uphill battle in most organizations. The Slow March of DevSecOps Evolution While the concept of DevSecOps has been discussed for years as a best ...
10 months ago Feeds.dzone.com
Do More with Security Orchestration, Automation, and Response - Today, security operations center teams face dual challenges of acquiring both the right caliber and quantity of staff. With this gap, it's important for SOC teams to consider security, orchestration, automation and response solutions to automate ...
9 months ago Securityboulevard.com
Failing Upwards: Put on your own mask before assisting others - From poor leaders, I've learned what doesn't work: breaking the team's trust, operating without transparency, employing a destructive and unempathetic approach, micromanaging, and setting people up for failure. In contrast to the negative leadership ...
9 months ago Blog.zsec.uk
4 key devsecops skills for the generative AI era - Experts believe that generative AI capabilities, copilots, and large language models are ushering in a new era of how developers, data scientists, and engineers will work and innovate. They expect AI to improve productivity, quality, and innovation, ...
10 months ago Infoworld.com
Hands Off the Security Budget! Find Efficiencies to Reduce Risk - CXOs looking for ways to tighten their belts may be forgiven for taking a long look at their security budgets, as Gartner forecasts spending on security technology and services will grow annually at 11% over the next four years. If the frequency and ...
11 months ago Darkreading.com
Cisco Allowed Me To Start My Family, Stress-Free - For others, the road is bumpier and has many pit stops along the way. One in six couples struggles with fertility. After a year and a half of trying to conceive, I found myself facing the real possibility of IVF being the most likely path to ...
9 months ago Feedpress.me
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Normalizing Security Culture: Stay Ready - While it may seem like self-promotion or extraneous work, it’s extremely valuable to take the extra time to summarize threats stopped, processes improved, projects completed and team members modeling strong security behavior. Most people don't ...
1 month ago Darkreading.com
CVE-2023-52836 - In the Linux kernel, the following vulnerability has been resolved: locking/ww_mutex/test: Fix potential workqueue corruption In some cases running with the test-ww_mutex code, I was seeing odd behavior where sometimes it seemed flush_workqueue was ...
5 months ago Tenable.com
Cyber security professionals are exhausted, and it's putting firms at greater risk of attack - An epidemic of stress among cyber security professionals is putting organizations at a greater risk of cyber attack, according to a new report. A survey of 500 UK cyber security professionals by security firm Adarma found that just over half of ...
11 months ago Itpro.com
Employee Stress Puts Data in Danger - The Harvard Business Review conducted a survey of more than 330 remote employees from a wide range of industries to self-report on both their daily stress levels and their adherence to cybersecurity policies over the duration of two weeks. During the ...
11 months ago Securityboulevard.com
Simplify budgets and purchasing with Cisco Security Suites - In the pursuit of better security outcomes, organizations have relied on an ever-increasing number of products and services. On average, enterprise customers use as many as 76 unique security solutions. This complexity makes it very difficult for ...
10 months ago Feedpress.me
Getting Ahead of the Attack - With threat actors maturing and constantly changing their methods, security teams must always be aware of what's happening on the network. It can be challenging to truly map out what solutions and techniques your teams may need to apply to get ahead ...
11 months ago Cybersecurity-insiders.com
Unlocking the Potential of a HighPerforming Security Engineering Group - Security teams are mainly made up of roles related to operations, compliance, and policy. Security engineering teams, on the other hand, are responsible for creating services, automating processes, and streamlining deployments to support the core ...
1 year ago Csoonline.com
Security tools fail to translate risks for executives - Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats, according to Dynatrace. The results indicate that CISOs encounter challenges in aligning security teams with the C-suite, ...
5 months ago Helpnetsecurity.com
DevSecOps: Shifting Security to the Left - This blog explains how Shifting Security to the Left introduces security in the early stages of the DevOps Lifecycle, thus fixing software bugs proactively. Throughout this process, it feels like security has been left behind a little. 'Shifting ...
11 months ago Feeds.dzone.com
A Tale of Overcoming Cyber Threats with Auto Pentesting and CTEM - She had preemptively purchased Ridge Security's RidgeBot automated penetration testing product, recently upgraded with new plugins that automatically detect and exploit the MOVEit vulnerability. RidgeBot is an AI-powered security validation platform ...
7 months ago Cyberdefensemagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)