Pegasystems introduced Pega Agentic Process Fabric™, a service that orchestrates all AI agents and systems across an open agentic network for more reliable and accurate automation.
The Culture Connection Gets Real: Secure Software Development Requires a New Mindset
January 24, 2018
Today’s digital economy is fueled by software. When software is developed with security integrated from the start — a practice and approach commonly known as DevSecOps — the risk of data breaches is greatly diminished, providing users with heightened levels of confidence and trust when engaging with applications and services that are so ubiquitous in our online world.
According a new survey from CA Technologies — Integrating Security into the DNA of Your Software Lifecycle(link is external) — the majority of respondents confirmed that software development supports growth and expansion, helps businesses compete and drives digital transformation. And yet, the findings show that, as software becomes more critical to business success in the digital economy, security concerns are exponentially on the rise.
In fact, 74 percent of respondents agreed that security threats due to software and code issues is a growing concern. CA Veracode’s State of Software Security Report 2017(link is external) found that vulnerabilities continue to crop up in previously untested software at alarming rates, with 77 percent of apps having at least one vulnerability on initial scan.
Creating a culture of secure software development is a major challenge, according to the survey findings. An overwhelming 58 percent of respondents cited existing culture and lack of skills as hurdles to being able to embed security testing and evaluation within software development processes. Only 24 percent strongly agreed that the organization’s culture and practices supported collaboration across development, operations and security. On top of cultural limitations, less than a quarter of respondents strongly agreed that senior management would sacrifice time to market in order to have sufficient time to assess and repair software security vulnerabilities.
Security is a key principle in any Modern Software Factory. While our survey findings confirm an overarching recognition in the importance of ensuring that data and systems are built and maintained securely, there is still a lack of cultural adoption within organizations around this pressing issue. When coupled with security, Intelligent IT – the use of AI, machine learning and analytics to make better, more informed decisions – can dramatically change the way that business is done.
The report showcases characteristics of “Software Security Masters” (the top 34 percent of respondents), which are organizations that have been able to fully integrate security into their software development lifecycles. This includes conducting early and continuous application testing for security vulnerabilities, as well as embracing the practice of DevSecOps.
In fact, when compared with the mainstream, respondents from the Software Security Masters were over two times more likely to strongly agree that they viewed security as an enabler of new business opportunities. These organizations also exhibited the following attributes:
■ 50 percent higher profit growth
■ 40 percent higher revenue growth
■ Are 2.6x more likely to have security testing keep up with frequent app updates
■ Are 2.5x more likely to be outpacing their competitors
The organizations labeled as Software Security Masters are the beacons of hope in today's digital economy. Not only do they exemplify and represent the cultural mindset necessary to adapt and thrive in today's dynamic market, they are influencing change within the industry while shaping the workplace of the future.
Survey Methodology: The global online survey of 1,279 senior IT and business executives was sponsored by CA Technologies and conducted by industry analyst firm Freeform Dynamics in July 2017. It was augmented by in-depth telephone interviews with key industry executives.
Industry News
June 02, 2025
Fivetran announced that its Connector SDK now supports custom connectors for any data source.
June 02, 2025
Copado announced that Copado Robotic Testing is available in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
May 29, 2025
Check Point® Software Technologies Ltd.(link is external) announced major advancements to its family of Quantum Force Security Gateways(link is external).
May 29, 2025
Sauce Labs announced the general availability of iOS 18 testing on its Virtual Device Cloud (VDC).
May 29, 2025
Infragistics announced the launch of Infragistics Ultimate 25.1, the company's flagship UX and UI product.
May 29, 2025
CIQ announced the creation of its Open Source Program Office (OSPO).
May 28, 2025
Check Point® Software Technologies Ltd.(link is external) announced the launch of its next generation Quantum(link is external) Smart-1 Management Appliances, delivering 2X increase in managed gateways and up to 70% higher log rate, with AI-powered security tools designed to meet the demands of hybrid enterprises.
May 28, 2025
Salesforce and Informatica have entered into an agreement for Salesforce to acquire Informatica.
May 28, 2025
Red Hat and Google Cloud announced an expanded collaboration to advance AI for enterprise applications by uniting Red Hat’s open source technologies with Google Cloud’s purpose-built infrastructure and Google’s family of open models, Gemma.
May 28, 2025
Mirantis announced Mirantis k0rdent Enterprise and Mirantis k0rdent Virtualization, unifying infrastructure for AI, containerized, and VM-based workloads through a Kubernetes-native model, streamlining operations for high-performance AI pipelines, modern microservices, and legacy applications alike.
May 28, 2025
Snyk launched the Snyk AI Trust Platform, an AI-native agentic platform specifically built to secure and govern software development in the AI Era.
May 28, 2025
Bit Cloud announced the general availability of Hope AI, its new AI-powered development agent that enables professional developers and organizations to build, share, deploy, and maintain complex applications using natural language prompts, specifications and design files.
May 27, 2025
AI-fueled attacks and hyperconnected IT environments have made threat exposure one of the most urgent cybersecurity challenges facing enterprises today. In response, Check Point® Software Technologies Ltd.(link is external) announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform.
May 27, 2025
LambdaTest announced the launch of its Automation MCP Server, a solution designed to simplify and accelerate the process of triaging test failures.
