TMCnet News
DigiCert Survey Shows Enterprises Integrating Security Teams into DevOpsLEHI, Utah, July 19, 2017 /PRNewswire/ -- DigiCert, a global leader in scalable identity and encryption solutions for enterprise and Internet of Things (IoT) security, today announced the results of its 2017 "Inviting Security into DevOps Survey," which reveals that 98 percent of enterprises are integrating their security teams into their existing DevOps methodologies. Or, at least they're trying to. Their goal is to increase information security, IT agility and development agility. However, they face several challenges, including the amount of time required, and cultural differences among the security, IT and DevOps roles. "Going faster introduces security risks, while maximizing security often slows things down," said Dan Timpson, Chief Technology Officer at DigiCert. "The market is at a tipping point and enterprises are looking for solutions to minimize the time that it takes to integrate and to help security better fit within DevOps workflows." 49 percent are in the process of doing so, and 49 percent have completed their efforts. Those who have integrated security into DevOps report improvements to both development agility and information security, contrary to the common belief that security and agility cannot coexist. Additionally, they are:
Repercussions of the Status Quo
Respondents also admit the process is not easy, although the obstacles vary depending on where anorganization is in the process. Before making the transition, enterprises predict the top challenges will be that:
For those organizations looking back after integrating security, the biggest roadblocks turned out to be:
Note the top challenge cited after integrating was that the transition took too long. Technical teams underestimate the challenge of integrating security into DevOps, thinking the integration will take less than a year (seven to 11 months). Those who claim to have completed the process say it took roughly twice as long—on average one to two years. Recommendations
"Agility and security are not mutually exclusive, and integration requires a combination of technology improvements, and a cultural shift in how technical staff is aligned," said DigiCert Chief Security Officer Jason Sabin. "The DevOps methodology is not just a method for increasing speed, but about improving efficiency, quality control and predictability in development outcomes. The right integration of security staff and technology, including digital certificates, can improve organizational metrics, avoid costly delays and improve the end-user experience." Read the full survey report. About the Research About DigiCert, Inc.
View original content with multimedia:http://www.prnewswire.com/news-releases/digicert-survey-shows-enterprises-integrating-security-teams-into-devops-300490538.html SOURCE DigiCert, Inc. |