iscover
ReporterShare this article on:
Powered by
MOMENTUM
MEDIA
A study conducted by Forrester Consulting on behalf of VMware has found that 52 per cent of developers believe that security policies are stifling innovation at their organisations.
Forrester Consulting surveyed 1,475 IT and security leaders and discovered that only one in five (22 per cent) developers strongly agree that they understand which security policies they are expected to comply with. The data collected also revealed that more than a quarter (27 per cent) of the developers surveyed are not involved at all in security policy decisions, despite the impact on their roles.
Seventy-three per cent of respondents agreed that their senior leadership focuses more on strengthening the relationship between development and security than they did two years ago, but relationships are still strained.
According to Rick McElroy, principal cybersecurity strategist at VMware, the research shows that security needs a perception shift.
“Rather than be seen as the team that only swoops in to fix breaches and leaks, or who ‘gets in the way’ of innovation, security should be embedded across people, processes, and technologies," McElroy added.
"Security needs to be a team sport that works alongside IT and developers to ensure protection across clouds, apps and all digital infrastructure.
"We have to develop a culture where all teams have shared interests and common goals or metrics, and where they speak one language."
One in three (34 per cent) decision makers reported their organisations’ teams are not effectively collaborating or taking strides to strengthen relationships between security and development teams.
More than half (53 per cent) of respondents expect security and development teams to be unified within three years. About 42 per cent expect security to become more embedded in the development process in that same period.
The study identified that the lack of role definition for development teams, lack of communication between teams and competing priorities have had a major impact on collaboration.
There’s a broader acknowledgment that cross-team alignment empowers businesses to reduce team silos (71 per cent), create more secure applications (70 per cent) and increase agility to adopt new workflows and technologies (66 per cent).
Organisations where security and development teams have a positive relationship can accelerate the software development life cycle five business days faster than those without – demonstrating how speed to market and competitive advantage are at stake.
“There’s overwhelming value to the business when IT, security, and developers are all part of the decision making, design, and execution,” McElroy said.
Be the first to hear the latest developments in the cyber industry.
