Implementing DevSecOps in a Legacy EnvironmentSecurity Leader at Prime Bank in Bangladesh Debunks Myths, Discusses Challenges
It's a myth that organizations with legacy systems cannot implement DevSecOps, says Md.Mahbubul Alam Rafel, head of information security at Prime Bank in Bangladesh.
"I am optimistic that legacy organizations can implement DevSecOps even if they do not have container application and microservice-based architecture. It is not necessary," Rafel says in an interview with Information Security Media Group.
"To me, DevSecOps is a combination of culture, practice and tools. So we can adopt the combination of culture and practice first."
In this interview with Information Security Media Group (see audio link below photo), Rafel also discusses:
- How the concept of DevSecOps is maturing in Bangladesh;
- The challenges of implementing DevSecOps;
- The differences between application security and DevSecOps
As leader of the information security division of Prime Bank, Rafel focuses on delivering deep-dive security testing, implementing contextualized cyber solutions and uplifting cybersecurity specialists' skills. He's also a member of the bank's digital transformation working group.