Communication Falls Short Between Security and Developer Teams in the Move to DevOps
August 22, 2019

Despite the enterprise benefits assured by adopting a DevOps culture, the majority of IT leaders polled believe communication between IT security and software development must improve greatly to achieve success, according to a recent survey from Trend Micro, conducted by Vanson Bourne.

While three-quarters (74%) claimed such initiatives had become more important over the past year, an even higher percentage argued that communication within the IT department needed to improve.

Meanwhile, 89% said software development and IT security teams needed to be in closer contact, while 77% said the same for developers, security and operations. A third (34%) claimed that these silos are making it harder to create a DevOps culture in the organization.

“History of software development shows that the biggest and best process improvements never happen quickly due to the most valuable variable, people, who have existing behavioral patterns and cultural components,” said Steve Quane, EVP of Network Defense and Hybrid Cloud Security for Trend Micro. “Organizations implementing a DevOps structure are going in a strong direction, but security cannot be forgotten during this transition.”

Respondents indicated the best ways to drive this cultural change include:

■ fostering greater integration between teams (61%)

■ setting common goals (58%)

■ sharing learning experiences across teams (50%).

Yet over 78% of IT decision makers said improvement is needed in these areas.

Only a third (33%) of respondents said DevOps is a shared responsibility between software development and IT operations, which is another indication of the current communication breakdown between teams. It appears that each department feels responsibility or ownership to lead these projects.

Part of the challenge is believed to be because nearly half of respondents (46%) have only partially developed their DevOps strategy — despite enthusiasm for DevOps, which has seen 81% of organizations already implement or currently work on projects. IT leaders polled confirmed that enhancing IT security is more of a priority (46%) in DevOps than any other factor.

Quane continued, “Regardless of where an organization is in their journey, there are new tools that bake security into the development process while automating rapid deployment of security at the same time as reducing risk and ensuring compliance.”

Methodology: Led by independent research specialist Vanson Bourne, the company surveyed the attitudes toward DevOps held by 1,310 IT decision makers from within both enterprise and SMB organizations across the globe. Those surveyed are at various stages of DevOps implementation as they integrate their teams, application development, information technology operations and security, to shorten and secure the development lifecycle.

Share this

Industry News

September 12, 2019

Rafay Systems announced the general availability of its turnkey, SaaS-based offering designed to confront a complex set of ongoing challenges enterprises and service providers face when modernizing their applications.

September 12, 2019

StackRox announced the availability of the StackRox App for the Sumo Logic Continuous Intelligence Platform.

September 12, 2019

Lacework is receiving $42 million from Sutter Hill Ventures and Liberty Global Ventures.

September 11, 2019

Clubhouse released a fully featured Free Plan that offers the full power of its flagship product to teams up to 10 people.

September 11, 2019

Sectigo released integrations with five of the most popular DevOps configuration management and container orchestration platforms.

September 11, 2019

Kong announced the release of a new open source project called Kuma.

September 10, 2019

Parasoft is excited to announce that Parasoft SOAtest, an API and UI functional testing solution, has won a 2019 API Award in the Best in Microservices Infrastructure category.

September 10, 2019

Cohesity announced the launch of Cohesity Agile Dev and Test, a new solution that addresses a key bottleneck organizations face in building applications at speed.

September 10, 2019

Split Software announced the addition of Feature Monitoring, an automated detection capability for its feature delivery platform that reduces detection times of errors in a code release.

September 09, 2019

US Signal announced the launch of its managed Website and Application Security Solution.

September 09, 2019

Tasktop announced that Jama Software is now offering the cloud version of its Tasktop Integration Hub for Jama Connect to automate and visualize the flow of product-critical information across the software delivery value stream.

September 09, 2019

Mesosphere announced a significant expansion in strategy and product portfolio as well as a new company name - D2iQ.

September 05, 2019

Redgate launched SQL Monitor 9.1, the latest version of the world’s most popular tool for monitoring SQL Server estates.

September 05, 2019

US Signal announced the launch of its managed Website and Application Security Solution.

September 05, 2019

Pulumi Corporation announced the general availability of version 1.0 of its modern Infrastructure as Code platform.