How SecDevOps Can Help You Find Balance When Working From Home

Dr. Heinz Doofenshmirtz
Feb 20 · 4 min read

As SecDevOps has grown in prominence, it has become an overlying consideration for most of the cybersecurity community. Specifically, all members of the field agree that building security into customer offerings from start to finish ensures a more secure product evolves over time. Now that the world has shifted into being more focused on working remotely, it has caused many development teams to feel strained and vulnerable in many ways. This can be easily remedied via SecDevOps as we will explore in the following response to a recent Github blog below.

After the coronavirus (COVID-19) became mainstream, it seemed like everything slowed to a halt. Everything except for development which is constantly in motion. With teams at the same or higher productivity levels as before, that means they’re shipping more code, which introduces more risk, but they need to meet the rapidly changing demands quickly. With SecDevOps, these teams can find the balance that they need to tackle complex developmental projects that require all hands on deck.

Leveraging SecDevOps into Internet of Things (IoT) products can decrease the potential number of pivot points which attackers can leverage, should they gain access to a victim’s network. By using SecDevOps during your development cycle, your organization can better prepare for and mitigated vulnerabilities before they ever occur. This can help deter major kick back during development projects when teams have become distributed.

As teams have shifted away from the hustle and bustle of office buildings and towards kitchen tables, arm chairs or spare bedrooms, teams have been forced to manage their development cadence in new ways. The fact that the standard 9–5 work schedule is off the table means that you can’t rely on the “human” factor of AppSec anymore. Now, you need automation at every step of the development lifecycle so that your teams can stay productive while still maintaining some semblance of work-life balance.

To help alleviate a majority of these work cadence ship blockers, SecDevOps is key. SecDevOps gives your development team the autonomy to manage the AppSec in their workflow so that they don’t have to worry about being held up by being on a different schedule than somebody else. This allows project managers to distribute tasks amongst team members and allow them to work autonomously as a team and develop the priority pieces. This methodology ensures that when an AppSec manager comes online, they immediately understand what the most important things they have to address first to keep the project on time and budget.

The good thing about having to work from home is that you can work whenever you want. But since there is a surplus of work to do at the moment and sometimes less team members to do it, that means that teams are being overwhelmed at times with having to work from sun up to sun down. Although having a surplus of work can signal more job security for some, that façade can slowly corrode over time to give way to burnout when there is no end in sight to the workload.

Burnout is always a big concern for development and security professionals, and one of the things that is a big contributor to it is working on non-functional/strategic (e.g. boring clean up tasks) requirements. If additional work is happening at the expense of personal time and breaks to replenish, ponder, and maintain healthy separation, it’s best to audit your team’s work efforts and find ways to streamline your developmental process by means of SecDevOps.

When the world shift from cubicles to kitchen tables, it led to a mass exodus of policy development procedures overnight. This shift has led to many teams scrambling to find a process that can help them develop a systematic process for embedding security into a platform of their choice. Unfortunately, many processes are not as flexible to the flow of diversified teams as SecDevOps is.

What organizations need to understand is that we are embarking on a brave new world where the AppSec policies pertaining to physical controls that teams have historically relied on have become obsolete. Without SecDevOps, teams have no way to:

1. Identify which projects are impacted by those policy changes.

2. Notify project managers that their portion of code is ready for review

3. Ensure that new policies are rolled out correctly and ongoing monitoring to know when they are and are not.

With development teams scaling down to just a few employees in the wake of dwindling development budgets following COVID-19, every enterprise is looking to save money wherever they can (as long as it means that productivity stays high). SecDevOps is one process that helps teams save money and increase their productivity by managing security as part of their workflow so it’s not a drag on productivity. With SecDevOps, project managers also get predictive analytics to plan for potential bottlenecks ensure scalability and major cost savings down the road.

The Startup

Get smarter at building your thing. Join The Startup’s +788K followers.

Sign up for Top 10 Stories

By The Startup

Get smarter at building your thing. Subscribe to receive The Startup's top 10 most read stories — delivered straight into your inbox, once a week. Take a look.

By signing up, you will create a Medium account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.

Check your inbox
Medium sent you an email at to complete your subscription.

Dr. Heinz Doofenshmirtz

Written by

Retired Gamer. Conspiracy Theory Enthusiast. Tri-State Area Villan.

The Startup

Get smarter at building your thing. Follow to join The Startup’s +8 million monthly readers & +788K followers.

Dr. Heinz Doofenshmirtz

Written by

Retired Gamer. Conspiracy Theory Enthusiast. Tri-State Area Villan.

The Startup

Get smarter at building your thing. Follow to join The Startup’s +8 million monthly readers & +788K followers.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store