Security Cannot Keep Up with Application Release Cycles
Tuesday, March 8, 2016
A recent survey conducted by CloudPassage indicates that a lack of resources may be hindering the ability for companies to embed security in application release cycles stymieing their efforts to implement DevOps.
According to the survey:
- When asked the stage at which security is brought into software or product development release cycles, more than half of respondents (58 percent) said security is introduced during phase one, the concept and design phase. A quarter of respondents (22 percent) said security is brought in during phase two, the coding and implementation phase.
- While more than half of respondents (58 percent) said security is brought into the development lifecycle early, over half of respondents (51 percent) disagreed and or did not know if security is capable of moving as fast as product or service release cycles.
- Two-thirds (65 percent) of security professionals cited both lack of resources (i.e. talent and budget) and siloed departments as the biggest barriers to getting security earlier into release cycles. Lack of resources was reported as the main barrier by 34 percent of the respondents. Fewer respondents, 18 percent, said security would slow down the release cycle. Eight percent said they believe “DevOps derails security.”
- One-third (33 percent) of security professionals said the biggest business benefit for integrating security into DevOps methods is better security, faster. Twenty-five percent of respondents said they believe the biggest benefit is new applications without delays caused by security. Twenty-four percent said the driver is improved relationships between DevOps and security teams.
- Nearly two-thirds (64 percent) of IT security professionals characterized their organization’s cloud deployment as being “mixed or hybrid.” Alternatively, 16 percent of respondents described their cloud deployment as private, 13 percent said they operate in the public cloud, and just 8 percent of respondents said they do not have any cloud infrastructure.
Read more: https://www.cloudpassage.com
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more