AWS re:Invent 2022: How Neiman Marcus transitioned to developer-first security

At the AWS re:Invent conference, Neiman Marcus' Cyber Security Architect Omar Peerzada discussed his team's transition from older security practices to a developer-first security strategy. The company moved from legacy infrastructure and applications to cloud, choosing AWS as their cloud partner and creating a Cloud Center of Excellence responsible for deploying DevSecOps practices across the organization. Neiman Marcus decided that its Cloud Center of Excellence was best suited to run the cloud security program, enabling the team to operate at scale without blocking product teams in the company's fast-paced environment. The team focused on automation and deployed several security designs by default, encrypting everything and ensuring tight identity access management controls for a "zero trust" framework. They also connected cloud security posture management and application security, allowing developers to make security part of their work instead of an afterthought.