Session Abstract: Cybersecurity has a history of being a black-box activity, and although injecting Sec into DevOps (DevSecOps) has brought security into a more visible role, cybersecurity is still focused on reviews and code scans. Sec fails to take into account one of the most important parts of the system: the users. User Experience (UX) studies how users engage with systems. Cybersecurity delayed embracing DevOps and then had to place catch-up as DevOps took off across enterprises. UX is taking off just like DevOps, and Cybersecurity can't afford to delay yet again and not recognize the value of UX to cybersecurity.
Summary: The Sec in DevSecOps has been internally focused (scanning, automation, team awareness) and has completely lacked an external focus on the actual users and their cybersecurity considerations and vulnerabilities. Injecting User Experience (UX) into the Sec element addresses real-world implementations.