Published on November 16, 2023, 4:09 pm
The rapid adoption of DevOps in 2021 has brought several benefits to organizations, including faster software delivery, improved code quality, and increased developer productivity. As we move into the upcoming year, there are key challenges and opportunities that CIOs need to focus on. These include tool consolidation, emphasizing security and compliance, and aligning development and security teams.
According to GitLab’s 2022 Global DevSecOps Survey, which had approximately 5,000 respondents, the industry is continuing to prioritize security and compliance while investing in toolchain consolidation. The survey also highlighted the ongoing impacts of rapid DevOps adoption.
Nearly three-quarters of the survey respondents have either adopted or plan to adopt a DevOps platform within the year. This trend is driven by rising industry expectations related to security, compliance, toolchain consolidation, and faster software delivery.
Jonathan Hunt, VP of Security at GitLab, stated that while rapid deployment and speed-to-market are crucial in today’s business landscape, they often come at the expense of security. However, Hunt believes that streamlined toolchains and standardized processes can help keep security and compliance as a core focus throughout the software development lifecycle (SDLC).
The survey results confirm that security is the highest-priority investment area for organizations. More than half of security team members reported that their organizations have shifted security left or plan to do so this year. This shift involves integrating security practices earlier in the development process.
Toolchain consolidation is another area of focus for many organizations. Around 69% of survey participants expressed a desire to consolidate their toolchains due to challenges with monitoring, development delays, and negative impacts on developer experience.
However, despite recognizing the importance of security and implementing strategies like shifting security left, some companies still face challenges in this area. Only 10% of respondents reported receiving an additional budget specifically for improving security.
Furthermore, although developers understand that security is a performance metric within their organizations, 50% of security professionals believe that developers are failing to identify security issues. This lack of identification accounts for 75% of vulnerabilities.
To bridge this gap, developers need to be incentivized to follow security protocols and given full visibility into the toolchain and potential risks. When there is collaboration between development, security, and operations teams, organizations can achieve great results. Better security was noted as a significant advantage of using a DevOps platform by these teams.
According to the survey data, decision-makers consider a commitment to security as a crucial factor when choosing a DevOps platform or other tools. Additionally, investing in a single platform allows practitioners to access more features with fewer tools and lower expenses.
In conclusion, CIOs should prioritize tool consolidation efforts, focus on strengthening security and compliance practices, and foster alignment between development and security teams. GitLab’s survey highlights the importance of these areas for organizations as they continue their DevOps journey in 2022.