Policy Design in the Age of Digital Adoption: Explore how PolicyOps can drive Policy as Code adoption in an organization's digital transformation

A proven methodology to build a PolicyOps function and public policy design frameworks for digital adoption, supporting your organization's journey into new paradigms and service models such as Cloud, SaaS, CaaS, FaaS, and DevOps

Key Features

- Understand and define policies that can be consumed across the business
- Leverage a framework to embed Policy as Code into the organization
- Learn how to use Open Policy Agent and its powerful policy language, Rego

Book Description

Policy as Code (PaC) is a powerful paradigm that enables organizations to implement, validate, and measure policies at scale. Policy Design in the Age of Digital Adoption is a comprehensive guide to understanding policies, their design, and implementation for cloud environments using a DevOps-based framework. You'll discover how to create the necessary automation, its integration, and which stakeholders to involve.

Complete with essential concepts, practical examples, and self-assessment questions, this book will help you understand policies and how new technologies such as cloud, microservices, and serverless leverage Policy as Code. You'll work with a custom framework to implement PaC in the organization, and advance to integrating policies, guidelines, and regulations into code to enhance the security and resilience posture of the organization. You'll also examine existing tools, evaluate them, and learn a framework to implement PaC so that technical and business teams can collaborate more effectively.

By the end of this book, you'll have gained the confidence to design digital policies across your organizational environment.

What you will learn

- Understand policies, guidelines, regulations and how they fit together in an organization
- Discover policy-related current challenges brought by digital transformation regarding policies
- Find out about Open Policy Engine (OPA) and other policy engines for different environments
- Get to grips with the latest developments in PaC through a review of the literature, toolset, and usage
- Explore the PaC framework to develop trust at scale, leveraging patterns and best practices
- Become familiar with tool evaluation and selection using real-world examples

Who this book is for

From decision-makers, such as chief information officers (CIOs) and chief information security officers (CISOs) responsible for affecting change horizontally in an organization, to cloud and DevOps architects and engineers, this book will help professionals involved in designing, implementing, and measuring policies in their organizations. A basic understanding of concepts such as cloud-native technologies, Infrastructure as Code, DevOps, and automation is necessary to get started with this book.

Ricardo Ferreira MSc is a technologist that loves to democratize technology. His career has been diverse, ranging from technical contributor to senior management in a Big Four where he advised some of the largest financial organizations how to adopt Cloud securely. This variety of experiences gave him a holistic understanding of organizations' challenges when adopting new emerging technologies, and how to drive policies for digital enablement.

Currently, Ricardo is an EMEA CISO for Fortinet, aligned with sales and marketing, engaging with CxOs to drive cybersecurity awareness where he helps customers adopt information security strategies. He is an active member of the cyber security industry, contributing to CNCF and CSA computing standards.

1. Introduction to the Policy Design Theory
2. Operationalizing Policy for Highly Regulated Industries
3. Policy as Code as a Business Enabler
4. Framework for Digital Policies
5. Policy for Cloud-Native Environments
6. Policy Design for Hybrid Environments
7. Building a Culture of PolicyOps
8. Policy Engines
9. A Primer on Open Policy Agent
10. Policy as Code Tool Evaluation
11. Cloud Providers Policy Constructs
12. Integration with Existing Enterprise Workflows
13. Real-World Scenarios and Architecture