セキュリティとコンプライアンスシアター：致命的な7つの病気（DevSecOpsについて） – John Willis, Botchagalupe Technologies

Watch author and evangelist John Willis describe the “Seven Deadly Diseases of Devops” with a focus on the most costly of them all – Security and Compliance Theater. This presentation drills in on the practices needed to create long-term systemic “safe” improvement. Understanding these key patterns enables an organization to focus mainly on the intersection of human capital and technology. Although prescriptive practices like Lean, Agile, SAFE and even DevOps may be necessary for IT acceleration they are in most cases not sufficient for long-term systemic improvement. In other words, you can’t Lean, Agile, SAFe or DevOps your way around institutionalized organizational habits. Willis describes the “Seven Deadly Diseases” of organizational behavior: Invisible Work – Management System Toil – Tribal Knowledge – Misalignment of Incentives – Incongruent Organizational Design – Misunderstanding Complexity – Security and Compliance Theater. This presentation examines how all seven are indistinguishably related to cybersecurity, risk and compliance in IT organizations.