Old notions of software security hobble today’s faster agile and DevOps-fueled software development cycles. More than 80 percent of global enterprise leaders tell IDC they intend to secure DevOps processes and integrate security testing throughout the software development life cycle, but fewer than a quarter have even begun such journeys.
Secure DevOps practices — also known as DevSecOps — is critical for enterprises that must rapidly develop and deploy digital innovations. After all, the ability to quickly create, deploy, and iterate high-quality software, according to IDC, will be a core business requirement by 2023. By then, IDC projects, products, and services from digitally transformed organizations will drive more than half of the worldwide gross domestic product (GDP). By 2025, fully two-thirds of the G2000 will be high-performance, large-scale producers of software-powered innovation.
“DevOps workflows increasingly drive such digital transformation, waterfall-style security testing and policies can gum up the works,” says Dr. Gina Smith, IDC’s lead DevOps analyst in Asia. “Organizations must move now to shift security left, integrating it at multiple points along the software development life cycle.”
“Further, they must integrate it in a collaborative way that is at once transparent to developers yet still preserves the agility, speed and teamwork that characterizes the agile and DevOps process,” Dr. Smith adds.
This research presents an eight-pillar framework to help Asian enterprises get started on the DevSecOps initiatives they need to fully realize their futures as digital innovators.