How can you sell Security as a business priority?
A presentation at Sales Engineering Finland Meetup in in Helsinki, Finland by Bruno Amaro Almeida
Security is the New Black Green How can you sell Security as a business priority? Sales Engineering Meetup September 2019 Bruno Amaro Almeida @bruno_amaro Photo by Matthew Henry on Unsplash
Who is this guy? Principal Architect & Technology Advisor @ Futurice ! native, based in ” Cloud, DevOps, Security, Data Engineering & AI Reach out on: @bruno_amaro BERLIN · HELSIN K I · LON DON @brunoamaroalmeida · MUN ICH · OSLO · STOCK HOLM · TAMPERE
Which Toothbrush would you buy? vs Pepsodent Prof Humble Brush 1,05 EUR 3,99 EUR
Sustainability and Green Economy source: forbes.com
Green and Sustainable Security and Privacy Economy
Evolution of Cost Optimization in Tech 15 YEARS AGO COMPUTE IS EXPENSIVE 10 YEARS AGO STORAGETITLE IS EXPENSIVE TODAY HUMANS ARE EXPENSIVE
How Engineers have been selling Security
Expectations We got you covered, 100% Secure 100% Secure? Customer SWE Team
Customer Expectation HTTP 404 – Not Found
Self-inflicted data leak
Vendor Worst Nightmare Google Search
Vendor Worst Nightmare
Aligning the real expectations We hope everything is covered and we don’t get hacked. We are not “security experts”, but we used industry best practices. I hope the team doesn’t drop the ball. I don’t want my customers data leak in the internet and and end up with a PR disaster. Customer • Security and Compliance • DevSecOps Practices & Tooling • Transparency & Due Diligence SWE Team
How Business sells Security Having DevSecOps practices (e.g. Threat Modeling) in our organization enables us FASTER TIME TO MARKET • Documentation up to date • Faster Feature Delivery COST SAVINGS AND REDUCED HIGHER CUSTOMER ENGANGEMENT CREDIBILITY AND NEW BUSINESS OPERATIONAL COST AND SATISFACTION OPORTUNITIES • Lean Security Audits • Less Bugs and Vulnerabilities • Better User Experience understanding • Compliance (ISO 27001, GDPR)
Thank you! Kiitos! Danke! Tack! Bruno Almeida P RINC IP AL ARC HITE C T & TE C HNOL OGY ADV ISOR Cloud, Security, DevOps, Data Engineering & AI Reach out on: @bruno_amaro @brunoamaroalmeida BERLIN · HELSIN K I · LON DON · MUN ICH · OSLO · STOCK HOLM · TAMPERE
Security is a crucial part of Engineering projects but is often disregarded as something to be added later. DevOps culture today is a reality for many engineering teams. With the evolution of DevOps tooling and practices, there has been a shift in this trend.
Teams are now looking into security as part of their day to day and effectively establishing a DevSecOps Culture.
However, one aspect remains the same throughout the years: Engineers struggle to explain and “sell” the importance and need for security practices and tooling to Management & Business people. In this talk, we are going to explore the unlikely similarities between Security, Sustainability and Green Economy. In the past, selling eco-friendly products, despite the positive connotation to the market, was not seen as a business priority. Today, it is close to a requirement to enable a company to remain competitive.
Security is the new green. Using green economy as an example, we will cover some of the common tricks and pitfalls that will enable a DevSecOps team to transform security requirements into business drivers to their company.
Video
Buzz and feedback
Here’s what was said about this presentation on social media.
