This week is about security. I’ve always considered security to be part of everyone’s job in IT. If you think “improving security” is someone else’s job, you’re doing it wrong.
I got SANS GIAC Certified
back in 2005 (I wrote a white paper
on SMTP gateway security techniques) and loved it, but never got the “security bug” so bad that I wanted to do only
security engineering… so I stayed a sysadmin, but I always felt it was everyone’s job to keep learning security topics and implementing more of it in everything we do.
And then DevSecOps was born 🎉, and we finally had a single term we could rally around that pulls in the security staff as part of the DevOps teams and processes.