Built In Chicago Interviews CardX on Managing Security in a Serverless World
“Matt Ivaliotes, a security and IT lead at fintech company CardX, regularly schedules training on new technologies for his engineering team. He also encourages knowledge-sharing through dedicated Slack channels, attending security conferences, and reading industry newsletters to help keep teams on the cutting-edge.
‘Security requires vigilance in all contexts,’ Ivaliotes said. ‘We’ve made OWASP Top 10 training more widely available to the team beyond engineers. I believe that sharing the complexities of security, as well as the central role that social engineering plays in most serious breaches, helps our entire organization understand the demands of secure development. We build and maintain a culture of security, which includes foundational security awareness training, Slack channels dedicated to security alerts and initiatives, and a monthly company infosec newsletter.’”