Grounded in the Cloud
cancel
Showing results for 
Search instead for 
Did you mean: 

Industry Interview Series: Wolfgang Goerlich, Director of Security Strategy at CBI

SimonLeech

This is the second in a series of videos and blogs speaking with both HPE and external subject matter experts on various aspects of hybrid cloud security. Today we speak with Wolfgang Goerlich, Director of Security Strategy at CBI, about how organizations can adopt a security culture and use this to further innovation when migrating to the cloud. Other videos in the series can be found by searching for the tag cloudsecinterviews.

I’ve spoken a number of times in the past (most recently on this blog here, and during a TechNative podcast here) around the importance of adding security to the software development life cycle, both with traditional and DevOps oriented application development. But for many organizations, altering the way the development team thinks and works can be quite a cultural change. I was lucky enough to meet with Wolfgang Goerlich, Director of Security Strategy at CBI, to talk about how organizations can introduce a security culture.

Wolfgang told me that building a security culture into the development team has the advantage of creating a ‘volunteer security department’ – developers want to do the right thing when building apps, and they see the creation of quality software as paramount to that.

He also explained that whilst adding security checks to the SDLC may slow down the release cadence of applications, it will increase the quality of the software that is being released into production, and this will only be seen as a good thing by management and developers alike.

We ended the discussion talking about getting buy in for security programs, and with Wolfgang suggesting three top pieces of security advice for organizations wishing to create a development team to work on cloud based applications.

 

 

 

To learn more about hybrid cloud security, download the whitepaper from 451 Research Group. You can also learn more about the HPE approach to Hybrid Cloud Security. For information about application security and Devops, and to download the recently released white paper on the state of security in DevOps, please visit this page. Other videos in the series can be found by searching for the tag cloudsecinterviews.

  • HPE Cloud
0 Kudos
About the Author

SimonLeech

Simon Leech is a Certified Information Systems Security Professional with a specialisation in Security Architecture (CISSP-ISSAP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified in Cloud Security Knowledge (CCSK) and Chief Technologist Security within the Hewlett Packard Enterprise EMEA Hybrid IT Team. Within Hewlett Packard Enterprise, Mr Leech is responsible for influencing and evangelising the security strategy of the Hybrid IT team. Simon is active on Twitter as @DigitalHeMan

Events
28-30 November
Madrid, Spain
Discover 2017 Madrid
Join us for Hewlett Packard Enterprise Discover 2017 Madrid, taking place 28-30 November at the Feria de Madrid Convention Center
Read more
See posts for dates
Online
HPE Webinars - 2017
Find out about this year's live broadcasts and on-demand webinars.
Read more
View all