The traditional approach for security teams has involved the existenceof a siloed department, slow gatekeeping controls designed in a world ofWaterfall development, and processes that aren't nearly as agile as theyshould be.The New York Times has staked its future on being a destination forreaders; the way we gather and report news is changing, so is the way wedevelop products. We, the security team, need to re-examine whetherwe're living up to our responsibilities and potential.This talk will share practical lessons learned at The New York Times onhow to build and foster a culture of security across the organization.As part of this, the talk will also explore how we can adapt to betterconfront the new challenges we face as security practitioners.