Research Reveals Global Growth of Secure DevOps
New research from Secure Code Warrior®, the global secure coding company, has revealed an attitudinal shift in the software development industry, with organisations bucking traditional practices for DevOps and Secure DevOps.
The global survey of professional developers and their managers found seven in 10 organisations (70%) recognise the importance of secure coding practices, with results indicating an industry-wide shift from reaction to prevention is underway.
Dr. Matias Madou, Chief Technology Officer and Co-Founder at Secure Code Warrior, said, “We are seeing a fundamental shift in mindsets across the world, as the industry slowly moves from reactive, band-aid solutions rolled out after a breach, to the proactive and human-led practice of writing quality software that is intrinsically free from vulnerabilities right from the very first keystroke.”
“This research shows that ‘secure code’ is becoming synonymous with ‘quality code’ within software development, and security is becoming the responsibility of development teams and leaders—not just AppSec professionals,” he said.
Secure coding seen as ‘reactive’
Reactive practices like using tools on deployed applications and manually reviewing code for vulnerabilities were the top two practices respondents associated with coding securely. However, a proactive shift in mindset was evidenced across the globe, with more than half (55%) of the developers surveyed also recognising secure coding as the active, ongoing practice of writing software protected from vulnerabilities.
Managers and developers are misaligned
Over half (55%) of managers surveyed said secure coding was practised and integrated throughout the entire development process, compared to only 43% of developers. Conversely, 36% of developers consider secure coding during development but not the design phase, as opposed to under one-third (32%) of managers.
Secure code an increasing indicator of success
While those surveyed identified ‘application performance’ and ‘functionality and features’ as the most common success metrics within software development (67% and 62% respectively), almost four in five (79%) respondents said the importance of ‘secure code’ was growing in prominence.
Application security is shifting
Almost half of respondents (46%) said development leads and teams should be responsible for application security rather than AppSec teams (24%). Over eight in 10 (81%) developers surveyed said they were accountable for any vulnerable code produced.
Developers motivated to upskill
‘Increased productivity and efficiency’, ‘curiosity’ and ‘avoiding problems caused by insecure code’ were identified as the leading intrinsic motivators to learn secure coding (20%, 14% and 11% respectively). Despite only 10% of respondents listing career advancement as a personal motivator, four in five (81%) managers were more likely to hire talent with secure coding skills.
More training is needed
91% of managers surveyed said they faced greater than average difficulty when implementing secure coding practices within their organisation, despite the overwhelming majority of respondents (97%) believing they were sufficiently trained. Perhaps, this is because almost nine in 10 (88%) developers surveyed said coding securely was challenging.
Madou added, “With OWASP’s Top 10 software vulnerabilities causing more security breaches over the past two decades than any others, now is the time for businesses to upskill developers to gain the knowledge and skills needed to stamp out insecure code and prevent issues from occurring in the first place.”
“Code is at the heart of everyday interactions, and Secure Code Warrior is focused on championing security-skilled developers who can create amazing, safe software for our connected world.”
To gain early access to the report, ‘Shifting from reaction to prevention: The changing face of application security 2021’, register your interest at scw.buzz/earlyaccess
Methodology
Secure Code Warrior® commissioned Evans Data Corporation, the market intelligence leader within the IT industry, to conduct a global survey of developers and decision-makers actively engaged in software development. In August 2020, 400 respondents were surveyed across North America, India, the United Kingdom, Europe, Australia, New Zealand and South-East Asia.
About Secure Code Warrior
Secure Code Warrior is the developer-chosen solution for growing powerful secure coding skills. By making secure coding a positive and engaging experience for developers as they increase their software security skills, our human-led approach uncovers the secure developer inside every coder, helping development teams ship quality code faster.
Through inspiring a global community of security-conscious developers to embrace a preventative secure coding approach, our mission is to pioneer a people-first solution to security upskilling, stamping out poor coding patterns for good. Learn more at securecodewarrior.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20210323006113/en/
Contact information
For media enquiries, to access the full report or arrange an interview:
Carly Ryan, Hotwire
E: securecodewarrior@hotwireglobal.com
About Business Wire
Business Wire(c) 2018 Business Wire, Inc., All rights reserved.
Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
The Federation of Royal Colleges of Physicians Approves UpToDate Clinical Decision Support for CPD20.4.2021 15:30:00 CEST | Press release
UpToDate, the clinical decision support tool from Wolters Kluwer, Health has been approved by the Federation of the Royal Colleges of Physicians of the United Kingdom as a continuing professional development (CPD) activity. The organization is a collaboration between the Royal College of Physicians of London, Royal College of Physicians of Edinburgh, and Royal College of Physicians and Surgeons of Glasgow. The colleges have more than 50,000 members among them worldwide. The approval of UpToDate comes following new guidelines introduced by the Federation that recognize the use of online resources with current medical content (e-libraries) as CPD. Earning CPD while caring for patients Members will now be able to earn and track credits eligible for continuing professional development while using UpToDate to research clinical questions at the point of care. CPD credits are earned from UpToDate by consulting information relevant to a specific clinical question, thus broadening clinical know
MSCI Calls on Capital to Lead the Net-Zero Revolution20.4.2021 15:21:00 CEST | Press release
Addressing climate change will require the largest reconstruction of the global economy since the Industrial Revolution, according to a report published today by MSCI Inc. (NYSE: MSCI), a leading provider of critical decision support tools and services for the global investment community. ‘The Role of Capital in the Net-Zero Revolution’highlights how capital markets participants must be a powerful and positive force to urgently drive the systemic transformation needed to avert climate catastrophe. This call to action identifies specific steps that companies as well as owners and managers of capital must take to drive the achievement of a net-zero economy by 2050. Analysis by MSCI of its All Country World Investable Markets Index (MSCI ACWI IMI) - a measure of approximately 9,000 publicly listed companies across 50 developed and emerging markets with a market value of over USD 70 trillion1 – revealed those companies annually emit an estimated 11.2 gigatons of carbon dioxide equivalent (
PPG Reports Increased Sales of Sustainably Advantaged Products, Continued Progress on Sustainability Goals20.4.2021 15:04:00 CEST | Press release
PPG (NYSE:PPG) today launched its 2020 Sustainability Report, highlighting the company’s strong, continued progress against key environmental, social and governance (ESG) areas. The report is available at sustainability.ppg.com. “Our unwavering commitment to ‘protect and beautify the world’ guides our more than 46,000 employees to further advance our sustainability progress each day,” said Michael H. McGarry, PPG chairman and chief executive officer. “We continue to innovate, invest and develop sustainably advantaged products and processes that our customers and other stakeholders count on to create a more sustainable future. As highlighted in our latest Sustainability Report, we have made significant progress within our many ESG-related initiatives, and we continue to drive our ambitious targets forward.” Throughout last year, PPG improved the sustainability of its products, processes and operations, decreasing its overall global environmental footprint. Achievements included: 35% of
Magnitude Introduces Cloud-Scale Business Insights for ERP Systems20.4.2021 15:00:00 CEST | Press release
Magnitude Software, provider of continuous intelligence for the data-driven enterprise, today announced the release of Magnitude Angles Cloud, a cloud-based version of the company’s Angles process analytics solution. Angles Cloud greatly accelerates the delivery of powerful business insights from SAP and Oracle ERP systems directly to operational leaders in finance, supply chain, manufacturing and distribution, enabling them to make faster, more effective business decisions. Traditional business intelligence reporting requires custom development by teams of data scientists, skilled in translating the complex data schema of ERP systems, to build reports consumable by business users. Magnitude Angles provides a context-rich business data model that abstracts this complexity and includes thousands of pre-configured templates and reports to put operational analytics in the hands of business users. By eliminating the need for time-consuming custom development to provide near real-time busin
Introducing the HARMAN Ignite Store Developers Portal: Dedicated Automotive Hub for Android Developers20.4.2021 15:00:00 CEST | Press release
HARMAN, a wholly-owned subsidiary of Samsung Electronics Co., Ltd. focused on connected technologies for automotive, consumer and enterprise markets, today announced the introduction of the HARMAN Ignite Store Developers Portal – a developer hub dedicated to the Android Automotive developer community. Through the Developers Portal, those developing to the Android Automotive open operating system can deploy automotive apps – which OEMs can then easily scale and manage to drive new digital touchpoints with their customers through the HARMAN Ignite Store. As the cloud continues to drive both disruption and opportunity across mobility, the Ignite Store Developers Portal applies HARMAN’s decades of expertise across automotive and technology segments to accelerate the creation, deployment, and consumer adoption of in-vehicle apps. Android developers now can benefit from toolkits, technical documentation, access to APIs, and HARMAN’s existing network of OEMs, while automotive manufacturers ca
Tradeweb Joins Climate Bonds Initiative Partners Program20.4.2021 15:00:00 CEST | Press release
Tradeweb Markets Inc. (Nasdaq: TW), a leading, global operator of electronic marketplaces for rates, credit, equities and money markets, today announced it has joined the Climate Bonds Initiative’s Partners Program, a global movement seeking to mobilise bond markets for climate change solutions. Climate Bonds Initiative is an international, investor-focused not-for-profit organisation, promoting investment in projects and assets necessary for a rapid transition to a low carbon and climate resilient economy. The Climate Bonds Standard and Certification Scheme is a labelling scheme for bonds, loans and other debt instruments. The rigorous scientific criteria ensure consistency with the goals of the Paris Climate Agreement. The Scheme is used globally by bond issuers, governments, investors and the financial markets to prioritize investments, which genuinely contribute to addressing climate change. The Climate Bonds Initiative has been tracking the green labelled market since 2009. By par
BIO KOREA 2021 International Convention Is Ready - Showing What Makes Korea’s Bio-health Market at Record High20.4.2021 14:00:00 CEST | Press release
The 16th edition of BIO KOREA, the reference B2B event for global biotech and health industry professionals interested in opportunities in the Asian region, will be held online from 9th to 21st June 2021 with an onsite show at COEX in Seoul from 9th to 11th June. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210420005089/en/ In the global market, the bio-health industry is notching an annual average growth rate of 4 percent, higher than the shipbuilding and auto-making industry at 2.9 percent and at 1.5 percent, respectively. Especially, the Korean bio-health industry shows remarkable growth – its bio-health industry set a new milestone in outbound shipments with a 50 percent jump last year, led by robust demand for COVID-19 test kits and biosimilar products. With the record high export figures, the bio-health sector joins the ranks of the mainstay export industry for the first time in its history. The game-changers of the