DXCTechTalk

Security in the Digital World
Organizations on a digital transformation journey must make a parallel trip, one that integrates security and risk management into DevOps and Continuous Delivery (CD) processes. Join our security experts to discuss security in the digital world.
   7 years ago
#DXCTechTalkDigital DirectionsDigital transformation is entering a new phase. Let's discuss how the next phase of digital transformation is playing out across major IT domains, including cloud, security, analytics, applications, workplace and delivery.
   6 years ago
#DXCTechTalkIT Modernization All enterprises seek to differentiate themselves or disrupt their industry. How are businesses using IT modernization to enhance customer experience, offer innovative products and services, and improve productivity and efficiency? Join the chat with our industry experts.
Timeline
Lisa Braun
Can you comment on the role security plays in sharing data with partners in a data ecosystem.
[+] Show Hidden Comments
[-]
Dan Hushon
@DXCTechnology actively shares what it sees in the security landscape with other partners... zero days, real/potential threats and in the future we will be talking about detection models that can be "trained" by companies since the "flow" of every client is dif.
[-]
Mark Hughes
Starts with risk assessment and then into specific tooling requirements eg encryption
[-]
Chris Nøkkentved
Most enterprise have been migrating for some time from EDI to Secure APIs with SAML Authentication and Encryption for Data-in-Motion. Sensor and sensitivity data flowing from partners into Data Lakes is a key concern today...
[-]
Dan Hushon
@cnokkentved this problem of information flow past corporate boundaries is important in #ecosystem plays... how are you seeing companies like @immuta having an impact?
[-]
Mark Hughes
So its a significant area fo the security team to be engaged from the outset. And then to be monitoring. There is a lot of regulation in or coming that deals with this - GDPR being the most well known
[-]
Lisa Braun
@DanHushon @cnokkentved You're talking/asking about @ImmutaData
[-]
Chris Nøkkentved
@DanHushon not heard of that yet, as most companies are modernizing basic stuff like Identity & Access Mgmt, Data-In-Motion Encryption and APIs. We are seeing a lot of applications of #blockchain for Active Ingredients in #LifeSciences and #Food industries lately
[-]
Dan Hushon
yes, thanks...
[-]
Dan Hushon
@immutadata is applying ML to flow data across trading partners to "automate" the appropriate reg/policy/rule enforcement to enable lower friction/risk ecosystems to emerge
[-]
Mark Hughes
Here is some usful tips/guidance https://www.ncsc.gov.uk/collection/supply-chain-se...
[-]
Chris Nøkkentved
@DanHushon there are a lot of solutions emerging in the application of AI in Integrated Risk Mgmt space. Looks like #immutadata efforts to create a machine-readable regulatory format to allow for direct embedding of AI/ML algorithms into the disseminated datasets will be an edge.
Dan Hushon
What are the challenges that people are having shifting to #DevSecOps or #SRE?
[+] Show Hidden Comments
[-]
Chris Swan
the usual thing of 'DevOps' is a reorg (not just a tool you buy, or a new hire)
[-]
Dan Hushon
#DevOps also a culture... cannot just shift/assign risk... #ExtremeOwnership?
[-]
Chris Nøkkentved
security is not supposed to be an afterthought, but rather embedded in the development culture of any enterprise or government organization. So #DevSecOps for building threat & vulnerability resilient code needs to become part of the DNA business technologies
[-]
Dan Hushon
yes and the merging of the dev/sec/ops cultures breaks down traditional org silos thus @cpswan's comments
[-]
Chris Swan
another issue is the 100:10:1 ratio that's normal for dev:ops:sec staffing levels. Sec is thin on the ground and hence needs lots of leverage
DXC Technology
Thanks for joining the chat. The conversation will continue here.
[+] Show Hidden Comments