Last week, CloudPassage surveyed 102 information security professionals attending the 2016 RSA Conference in order to understand how organizations are using agile IT delivery models like cloud infrastructure, the dynamics between security and DevOps, and associated challenges and perceived benefits for integrating security and DevOps.
Some of the key findings include:
- 58% of respondents said their company brings security into the design stage of a product lifecycle
- But only 50% believe that security is capable of moving as fast as new release cycles
- 65% cited lack of resources (e.g. talent and budget) and siloed departments as the biggest barriers to getting security into release cycles earlier.
- 64% have a mixed or hybrid cloud deployment (only 8% reported not having cloud infrastructure at all).
Analysis of the survey concludes:
- Shortage of security resources and siloed departments hold back continuous development/deployment
- Security needs to complement continuous software delivery
- There are mixed emotions on security moving as fast as releases continuous release cycles
- There are clear benefits for integrating security and DevOps across the business
- Most businesses have mixed cloud environments