Today, DigiCert announced results from the 2017 Inviting Security into DevOps Survey.
Many enterprises face challenges balancing their most important, yet conflicting, goals of increasing information security while also increasing agility in IT and development.
The research dives into obstacles of security integration, as well as dangers faced when security operates outside of DevOps. The survey assesses the state of security in DevOps, finding the market is at a tipping point—with 49% of enterprises saying they are currently integrating security into their existing DevOps practices.
We surveyed more than 300 individuals in various IT, development, and security roles at hundreds of organizations throughout the U.S.
The report finds development agility is a byproduct of putting security first and security integration pays off. Development and information security both improve when you take a DevOps approach.
The report specifies four best practices for organizations that want to balance development agility and information security for a more predictable and reliable process:
- Appoint a leader for cultural change
- Put security leads on all DevOps initiatives
- Use automation where it makes sense
- Integrate and standardize
Download the full report and get all the detailed recommendations here.