& cplSiteName &

Enterprises Look to Bake Security Into DevOps – Study

Scott Ferguson

While DevOps is still a fairly new concept to most enterprises and their development teams, security has been ingrained into the DNA of IT for some time. Now, some are trying to combine the two.

In a study conducted by DigiCert, which makes encryption and identity tools for Internet of Things (IoT) devices, the company found that nearly 98% of respondents are trying to integrate members of their security and DevOps teams.

Of the 300 senior IT, DevOps and security managers interviewed for the report, about half reported that they are in the process of integrating security and DevOps, and the other half claim that they have already completed combining the two.

Working toward a DevOps models that allows for continuous development of applications is not easy to start with, and many enterprises struggle with integrating the development side of the house with the operations side. Adding security into the mix further complicates the process, although respondents believe it's worth changing the culture.

"Going faster introduces security risks, while maximizing security often slows things down," Dan Timpson, CTO of DigiCert, wrote in the July 19 report. "The market is at a tipping point and enterprises are looking for solutions to minimize the time that it takes to integrate and to help security better fit within DevOps workflows."

In the era of increased use of cloud computing, DevOps is considered essential to the application development process, especially as companies eye digital transformation as the next big step. In order to get there, apps need to be developed, tested, sent to production and updated as quickly as possible.

Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.

However, speeding up the process leaves security holes. About 71% of those surveyed by DigiCert believe there is an increased security risk by not combining DevOps and the security team.

In the study, once DevOps and security are integrated, there are tangible benefits:

  • 22% of respondents report that development is better with security
  • 21% reported that the team is still meeting delivery deadlines
  • And 21% also believe that a combined DevOps and security team lowers risks to applications

It should also be noted that this type of project is not a quick solution. Those IT departments that have combined security and DevOps reported it took at least two years to complete.

The report also offers practical tips for integration, including appointing a "social leader" to help bridge the gap between IT, security and DevOps, as well as making investments in automation.

Related posts:

— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.

(2)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
More Blogs from Scott Ferguson
From its roots in industrial farm machinery and other equipment, John Deere has always looked for a technological edge. About 20 years ago, it was GPS and then 4G LTE. Now it's turning its attention to AI, machine learning and IoT.
Artificial intelligence and automation will become more integral to the enterprise, and 90% of all apps will have integrated AI capabilities by 2020, according to Oracle CEO Mark Hurd.
IBM is now offering access to Nvidia's Tesla V100 GPUs through its cloud offerings to help accelerate AI, HPC and other high-throughput workloads.
CIO Rhonda Gass is spearheading an effort to bring more automation and IoT to the factories making Stanley Black & Decker tools and other equipment.
Workday is looking to build out its machine learning and artificial intelligence capabilities with the acquisition of startup SkipFlag.
Featured Video
From The Founder
John Chambers is still as passionate about business and innovation as he ever was at Cisco, finds Steve Saunders.
Flash Poll
Upcoming Live Events
June 26, 2018, Nice, France
September 12, 2018, Los Angeles, CA
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 17, 2018, Chicago, Illinois
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
NFV Is Down but Not Out
Iain Morris, News Editor, 5/22/2018
Trump Denies ZTE Deal, Faces Senate Backlash
Dan Jones, Mobile Editor, 5/22/2018
What VeloCloud Cost VMware
Phil Harvey, US News Editor, 5/21/2018
5G in the USA: A Post-BCE Update
Dan Jones, Mobile Editor, 5/23/2018
Vanquished in Video, Verizon Admits OTT Defeat
Mari Silbey, Senior Editor, Cable/Video, 5/23/2018
Animals with Phones
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed