In the cybersecurity industry, fear sells. It’s a terrific motivator for top information-technology executives to purchase the latest security tools in an effort to keep infrastructure safe and avoid the unemployment line.

However, there is a growing sense among some security practitioners that baking security into technology from the start could go a long way toward diminishing the fear factor.

“My pet peeve with security is you have to scare people into buying your stuff, and I hate that,” said Vittorio Viarengo (pictured), vice president of marketing, Cloud Business Unit, at McAfee LLC. “Instead of making it easier to deploy an application and then put security on top of it, how about if we look at it during the development process and try to identify flaws that may end up in an unsecure runtime environment? Let’s build security in the code itself.”

Viarengo spoke with John Furrier (@furrier) and Dave Vellante (@dvellante), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS re:Inforce event in Boston. They discussed McAfee’s most recent product updates and the company’s role in helping customers secure cloud environments (see the full interview with transcript here).

Push for security in DevOps

On Wednesday, McAfee, a device-to-cloud cybersecurity company, announced updates for its MVISION Cloud for Amazon Web Services offering. The enhancements are designed to “Shift Left,” facilitating ways to push security earlier in the DevOps process so that security professionals and developers can spot risks before they become vulnerabilities.

“The reason people go to the cloud is business agility,” Viarengo said. “Build security that is transparent to the users and transparent to the developers.”

McAfee’s latest move with AWS follows its own significant foray into cloud security with the acquisition of Skyhigh Networks Inc. last year. Skyhigh is a major player in cloud access security broker technology, another important tool in protecting workloads that can be vulnerable in the cloud too.

A previous McAfee report found that 25% of organizations surveyed had experienced data theft in a public cloud.

“The network used to be the control point for everything security, but now we run applications on infrastructure we don’t own that traverses a network we don’t operate,” Viarengo said. “Today, work gets done on endpoints that are attached to the cloud. Our strategy is to secure data where work gets done.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS re:Inforce event.

Photo: SiliconANGLE