10 principles to ensure strong cybersecurity in agile development

The agile project management philosophy values speed, collaboration, communication, and interaction. Here are some best practices for keeping agile security strong.

Today’s hyper-competitive business environment requires organizations to move fast and stay innovative. As a result, 80% or more organizations have adopted an agile development approach. Unfortunately, this higher development velocity introduces several opportunities for exploitation by cyber criminals, especially if the software lifecycle processes are not secured.

So, how can organizations make agile development practices more security-enabled? Here are 10 principles that the ISF recommends:

Define roles and responsibilities

Senior leaders responsible for directing agile projects must clearly define the roles and responsibilities of security activities. This includes establishing formal and informal lines of reporting, as well as project management actions such as escalation protocols, mandatory meetings, and reporting project status to security teams. This will help embed security into agile application development while fostering commitment, accountability and a constructive relationship between business IT and security reps.