Cloud Native ComputingDevOpsDevSecOpsNews

Organizations Admit More Could Be Done To Improve DevSecOps Practices: Survey


According to the latest survey by ProgressDevSecOps: Simplifying Complexity in a Changing World”, many companies are behind in achieving their DevOps and DevSecOps goals: 73% of organizations said they could be doing more, 76% acknowledge they need to be more strategic about how they manage DevSecOps, and 17% still consider themselves at an exploratory and proof-of-concept stage.

Conducted by Insight Avenue and sponsored by Progress, the survey aimed to uncover the true state of DevOps and DevSecOps adoption – from business priorities to technology adoption, lack of cultural alignment and investment, and the common pitfalls and successes shared by businesses worldwide.

The survey revealed that security is the number one driver behind most DevOps and DevSecOps implementations. Yet only 30% feel confident in the level of collaboration between security and development, 86% experience challenges in their current approaches to security and 51% admit that they don’t fully understand how security fits into DevSecOps.

The survey added that culture is the biggest barrier to DevOps and DevSecOps success. In fact, 71% of respondents agreed that culture is the biggest barrier to DevSecOps progress, yet only 16% are prioritizing culture as an area to optimize in the next 12-18 months.

The organizations succeeding in the implementation of DevOps and DevSecOps policies and practices recognize the importance of security training and upskilling. This helps them reach a higher level of continued long-term collaboration between security and development teams. According to the respondents, the top business factors driving the adoption and evolution of DevOps inside their organizations include a focus on agility; reducing the business risk of quality, security, and downtime or performance issues; and the need to implement DevOps to support a cloud-mandate or their move to the cloud.

Other survey areas highlighted include infrastructure modernization efforts, policy as code, cloud-native adoption, time to ROI, investment and education opportunities, and more.

More than 600 IT, security, application development and DevOps decision makers globally shared insights into the level of DevSecOps maturity and challenges faced across their organizations.