Compliance and security number one topic at C-level | #RHSummit
When you say open source, security it the first thing that comes to the minds of many CIOs. As we have been reminded many times, the issue is not if you’ve been hacked, but where and how long you have been breached.
At the Red Hat Summit taking place at Moscone N & W in San Francisco, Josh Bressers, security strategist at Red Hat, Inc. sat down for an interview on theCUBE, from SiliconANGLE Media team, with cohosts Stu Miniman (@stu) and Brian Gracely (@bgracely) to discuss security and how open-source technology is using automation to help.
Security: A mainstream topic
Security at Red Hat has been a priority since the beginning, but Bressers told theCUBE hosts that over the past two or three years there has been more mainstream attention compared to where it was in the past.
Bressers works with the platform business unit to monitor security in the technology industry to provide market insight and to ensure that Red Hat is on top of its security game.
Containers and security
“The biggest thing about containers is that we always say containers aren’t magic, so if you are running a container you don’t get security for free, it’s not magical,” he said. From the Red Hat perspective, he noted it is more important to know where the containers are coming from. His analogy: “It’s like finding a sandwich on the ground. Are you going to eat that sandwich? Absolutely not,” Bressers said.
He went on to explain that when you are dealing with containers, it’s very similar, and it is important to use a secure supply chain. Red Hat carries the project from start to finish when building its containers. The “hip thing,” according to Bressers, is that once the container leaves Red Hat, there is container scanning and this is where container security is headed.
Educating customers about security
Miniman asked Bressers about CIOs and corporate Boards and how the security discussions have changed.
“Fundamentally, no one wants on the front of the New York Times; that’s the goal here,” he remarked. Compliance and security are becoming drivers and that is what is being paid attention to more often. He said it is the number one topic he is hearing on the C-level.
Investigation automation
There was a time when security was done on a manual level. But now security and automation are being tied together. Bressers told theCUBE hosts that the security team needs to know three things. One, what is in the infrastructure, because years of things “spinning up” happens. So, he said that they need to begin to talk about automating security.
The second thing security needs to know is what’s happening in the environment. And the third thing is, do they have the ability to do inspections? He noted that what used to take many days now only takes seconds with automation.
Ransomware and hacking
When it comes to security breaches, the most important safeguard you have is to detect the problems before it can devastate your business, Bressers said. He added that Red Hat has a phenomenal record where security is concerned.
“I can’t say that open source is more or less secure, but it is more about response time. When there is a problem, how are you dealing with it? Red Hat adds its own magic,” he added.
Watch the full interview below, and be sure to check out more of SiliconANGLE andtheCUBE’s coverage of the Red Hat Summit.
Photo by SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU