Security, Quality & Agility: Maintaining a balance!

7 min readMay 23, 2019

Contributed by Rajesh Laskary The Plot:

Cybersecurity threats are evolving with every passing day and so the level of sophistication with which an attack can be planned, organized, and executed. In the past organizations have been more focused on ‘Quality’ and less on ‘Security’. Now we are witnessing a shift wherein organizations have started considering ‘Security-By-Design’ in their products or applications alongside quality while embracing the ‘agility’ of fast-paced agile software development. What we need to keep in mind is, ‘Security’, ‘Quality’ or ‘Agility’ is not just about tools and processes, it’s more about a cultural change in an organization, understanding vulnerabilities, it’s about the change in the mindset of people working for your organization to view things from a different angle.

Let’s assume a scenario (and trust me it’s omnipresent in one form or the other in every organization) before we start and let me set the background.

“ Your system/business analysts are always on their toes as the business keeps changing the requirements and there is always a never-ending discussion taking place on the scope or the priority of a business requirement and hence your development teams are also under tremendous pressure with ever-changing scope or priority of business requirements, last-minute design changes, CI/CD (Continuous Integration and Continuous Delivery) issues, daily scrums and other meetings, pressure to deliver at a fast pace and in a short sprint, etc.

The ‘Security’ and the ‘Quality’ tussle:

Similarly, the Testing and Quality Assurance teams are testing something which they have just received late in the sprint, they have just encountered something that was changed and they were not aware of it till the very last moment, they haven’t yet finished their SIT (System Integration Testing) and sprint is about to complete and they do not have sufficient time to regression test the system or for performance testing. (Do you think they’ll have time to think of ‘Security’?)”

‘Quality’ of the product has always been of utmost importance to any organization and now ‘Security’ has started sharing the time, resources, and budget which once only belonged to ‘Quality’.

Security, Quality & Agility: Maintaining a balance!

Written by Rajesh Laskary

More from Rajesh Laskary

Cybersecurity: Identification, Authentication, Authorization, Auditing, Accountability, And…

Preparing for CISSP, CISM, CRISC, CISA, CompTIA, CCSP, CCSK, here is what you need to know.

What Is A Cybersecurity Policy? Why Do You Need it? Core Components and Benefits

Thinking of A Career Growth In Cybersecurity! Understand The CIA Triad First.

Before you even proceed to read this article, I’d like to focus on one thing that you should know “There is no cybersecurity framework in…

Cloud Security: What Is SOC Report? What Is The Difference Between SOC1, SOC2, And SOC3 Reports?

Know the basics of SOC reports w.r.t. cloud computing and the difference between SOC1, SOC2 (SOC2 Type I or SOC2 Type 2 report), SOC3…

Recommended from Medium

Did OpenAI Secretly Create a Brain-Like Intelligence After All?

What We Know About Q* and OpenAI’s Potential AGI Breakthrough

The ChatGPT Hype Is Over — Now Watch How Google Will Kill ChatGPT.

It never happens instantly. The business game is longer than you know.

Lists

Medium Publications Accepting Story Submissions

I Found A Very Profitable AI Side Hustle

And it’s perfect for beginners

This is Why I Didn’t Accept You as a Senior Software Engineer

An Alarming Trend in The Software Industry

My favorite coding question to give candidates

A coding question, from the viewpoint of an Google/Amazon/Microsoft interviewer

4 Habits of Emotionally Strong People

#1: Control your attention, not your emotions