Finance sector needs balanced software development operations: Experts
'Due to the finance sector's nature, regulations and security risks lead to a balanced approach in development operations between speed and security,' says sector representative
ISTANBUL
Between speed and security, there needs to be a balance in software development processes in the finance sector, experts stressed Wednesday in a panel named "Balancing Speed and Security: DevSecOps in a Zero Trust World" at the DevSecOps (Development, Security and Operations) Days Istanbul Conference.
The three panelists -- Faruk Selman Lekesiz, director of Information Technology Solutions at Takasbank, Abdulkadir Demir, Application Security and Vulnerability Management Manager at Ziraat Technology, and Ali Riza Bulazar, System Management Director at Borsa Istanbul -- said that although speed is crucial for development operations, the finance sector's risks make way for a more balanced approach.
Lekesiz said that in the finance sector, security in development operations is very important, especially in a "zero trust" environment.
"Due to the finance sector's nature, regulations and security risks lead to a balanced approach in development operations between speed and security," he said.
Demir noted that as the finance sector, they are in a constant state of audit due to regulations and security concerns.
"Ziraat Technology is one of the pioneers in the field of DevSecOps, and in my experience, I advise a balanced approach between speed and security in development processes," he said.
Bulazar stressed that although speed is crucial for software development, the quality and security of the product is also important, especially in the finance sector.
"I think speed without security is not sustainable," he said.
Additionally, however, while noting that artificial intelligence is growing its field of use in the finance sector, the three panelists said the sector still remains skeptical in its wider use due to security concerns.
The third edition of the DevSecOps Days Istanbul Conference, which brings together experts, sector representatives, software engineers and cybersecurity professionals, began at Borsa Istanbul on Wednesday.
The event is organized under the theme, "AI for DevSecOps," underscoring AI's role in the development, security and organization processes.
The two-day program will host numerous panels, discussions and workshops for DevSecOps practices and processes as well as cybersecurity issues and AI security. Anadolu serves as its global communications partner.
DevSecOps is an application development methodology that automates the integration of security and security practices at every stage of the software development lifecycle from original design to integration, testing, delivery and deployment.
