Agile IT Security Implementation Methodology

12/05/2011 · No Responses

Security is one of the most difficult areas in today’s IT industry. The reason being; the speed at which security methods are developing is considerably slower than the methods of hacking. One of the ways to tackle this is to implement Agile IT Security. Agile IT security methodology is based on proven software development practices. It takes the best works from Agile Software Development (Scrum, OpenUp, Lean) and applies it to security implementations.

This book combines the Agile software development practices with IT security. It teaches you how to deal with the ever-increasing threat to IT security and helps you build robust security with lesser costs than most other methods of security. It is designed to teach the fundamental methodologies of an agile approach to IT security. Its intent is to compare traditional IT security implementation approaches to new agile methodologies. Written by a senior IT specialist at IBM, you can rest assured of the usability of these methods directly in your organization.

This book will teach IT Security professionals the concepts and principles that IT development has been using for years to help minimize risk and work more efficiently. The book will take you through various scenarios and aspects of security issues and teach you how to implement security and overcome hurdles during your implementation.

It begins by identifying risks in IT security and showing how Agile principles can be used to tackle them. It then moves to developing security policies and identifying your organization’s assets. The last section teaches you how you can overcome real-world issues in implementing Agile security in your organization including dealing with your colleagues.

What you will learn from this book :

Understand the various modern-day security risks and concerns and how Agile IT security is useful in dealing with these risks
Learn Agile principles like pairwise, refactoring, collective ownership, collaboration, track project divergence and velocity rates
Develop security policies and articulate security value and take steps to ensure your employees’ security awareness
Identify your organization’s high value assets and apply risk-driven security
Employ Lean implementation principles like eliminating waste, amplified learning, late decisions and fast deliveries
Learn what teams in your organization can help you with security, and tie up with them
Learn how to overcome Agile barriers and fears and train your security professionals
Learn Agile team success factors and Agile risk success factors

Approach
The book is a tutorial that goes from basic to professional level for Agile IT security. It begins by assuming little knowledge of agile security. Readers should hold a good knowledge of security methods and agile development.

Who this book is written for
The book is targeted at IT security managers, directors, and architects. It is useful for anyone responsible for the deployment of IT security countermeasures. Security people with a strong knowledge of agile software development will find this book to be a good review of agile concepts.